Your Chase Credit Card Account
[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
VERY IMPORTANT INFORMATION, READ THIS FIRST: The example and associated information published on this page are subject to the SHPAMEE Terms Of Use. Please familiarise yourself with these terms before viewing or using any information on this page.
Header:
From - Sat Aug 25 08:44:23 2012
X-Account-Key: account9
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Delivered-To: x
Received: by 10.58.114.34 with SMTP id jd2csp972782veb;
Fri, 24 Aug 2012 08:31:12 -0700 (PDT)
Received: by 10.204.152.220 with SMTP id h28mr2122013bkw.30.1345822271824;
Fri, 24 Aug 2012 08:31:11 -0700 (PDT)
Return-Path: <noreply@chubba.com>
Received: from chubba.com (156.Red-83-57-153.dynamicIP.rima-tde.net. [83.57.153.156])
by mx.google.com with ESMTP id hs4si7667614bkc.135.2012.08.24.08.31.08;
Fri, 24 Aug 2012 08:31:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of noreply@chubba.com designates 83.57.153.156 as permitted sender)
client-ip=83.57.153.156;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@chubba.com designates 83.57.153.156 as
permitted sender) smtp.mail=noreply@chubba.com
Received: from unknown (23.205.140.168)
by nntp.pinxodet.net with LOCAL; Fri, 24 Aug 2012 16:18:32 +0100
Received: from unknown (42.213.209.245)
by mailout.endmonthnow.com with QMQP; Fri, 24 Aug 2012 16:01:16 +0100
Received: from unknown (HELO mmx09.tilkbans.com) (Fri, 24 Aug 2012 15:50:43 +0100)
by mxs.perenter.com with QMQP; Fri, 24 Aug 2012 15:50:43 +0100
Received: from unknown (119.129.33.21)
by mail.naihautsui.co.kr with ESMTP; Fri, 24 Aug 2012 15:39:18 +0100
Received: from mtu23.bigping.com ([Fri, 24 Aug 2012 15:26:35 +0100])
by mmx09.tilkbans.com with NNFMP; Fri, 24 Aug 2012 15:26:35 +0100
Message-ID: <x@chubba.com>
Date: Fri, 24 Aug 2012 15:26:35 +0100
Reply-To: "noreply" <noreply@chubba.com>
From: "noreply" <noreply@chubba.com>
MIME-Version: 1.0
To: x
Subject: Your Chase Credit Card Account
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Account-Key: account9
X-UIDL: x
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Delivered-To: x
Received: by 10.58.114.34 with SMTP id jd2csp972782veb;
Fri, 24 Aug 2012 08:31:12 -0700 (PDT)
Received: by 10.204.152.220 with SMTP id h28mr2122013bkw.30.1345822271824;
Fri, 24 Aug 2012 08:31:11 -0700 (PDT)
Return-Path: <noreply@chubba.com>
Received: from chubba.com (156.Red-83-57-153.dynamicIP.rima-tde.net. [83.57.153.156])
by mx.google.com with ESMTP id hs4si7667614bkc.135.2012.08.24.08.31.08;
Fri, 24 Aug 2012 08:31:11 -0700 (PDT)
Received-SPF: pass (google.com: domain of noreply@chubba.com designates 83.57.153.156 as permitted sender)
client-ip=83.57.153.156;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of noreply@chubba.com designates 83.57.153.156 as
permitted sender) smtp.mail=noreply@chubba.com
Received: from unknown (23.205.140.168)
by nntp.pinxodet.net with LOCAL; Fri, 24 Aug 2012 16:18:32 +0100
Received: from unknown (42.213.209.245)
by mailout.endmonthnow.com with QMQP; Fri, 24 Aug 2012 16:01:16 +0100
Received: from unknown (HELO mmx09.tilkbans.com) (Fri, 24 Aug 2012 15:50:43 +0100)
by mxs.perenter.com with QMQP; Fri, 24 Aug 2012 15:50:43 +0100
Received: from unknown (119.129.33.21)
by mail.naihautsui.co.kr with ESMTP; Fri, 24 Aug 2012 15:39:18 +0100
Received: from mtu23.bigping.com ([Fri, 24 Aug 2012 15:26:35 +0100])
by mmx09.tilkbans.com with NNFMP; Fri, 24 Aug 2012 15:26:35 +0100
Message-ID: <x@chubba.com>
Date: Fri, 24 Aug 2012 15:26:35 +0100
Reply-To: "noreply" <noreply@chubba.com>
From: "noreply" <noreply@chubba.com>
MIME-Version: 1.0
To: x
Subject: Your Chase Credit Card Account
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Body:
| If you are having trouble viewing this message, please click here. E-mail Security Information. | |||||||||||||||||||||||
 |
|||||||||||||||||||||||
 |
|||||||||||||||||||||||
|
|||||||||||||||||||||||
 |
|||||||||||||||||||||||
|
|||||||||||||||||||||||
| ABOUT THIS MESSAGE: This service message was delivered to you as a Chase credit card customer to provide you with account updates and information about your card benefits. Chase values your privacy and your preferences. If you want to contact Chase, please do not reply to this message, but instead go to http://www.chase.com/. For faster service, please enroll or log in to your account. Replies to this message will not be read or responded to. Your personal information is protected by state-of-the-art technology. For more detailed security information, view our Online Privacy Policy. To request in writing: Chase Privacy Operations, PO Box 659752, San Antonio, Texas 78265-9752 ©2011 JPMorgan Chase & Co. |
|||||||||||||||||||||||
Comments:
Related Cyber Criminal Profiles:
No related profiles found.Similar Spam Examples:
Chase Banking Phishing Scam - ACTION REQUIED: Notice for your accountChase Account Form Phishing Scam
Banking Phishing Scam - Chase Alert(SM): Notice for your Account
Malware Spam - Chase Merchant Statement
Chase Online Banking Phishing Scam - You Have New Mail
Related Malware Samples:
No related malware samples found.[Previous Example] [Share This Page] [Back To The Main SHPAMEE Index] [Next Example]
This e-mail was actually addressed to cppgenius at cybertopcops.com. They simply copied the e-mail address and used it as the customer's name. If they already have your e-mail address, it means absolutely nothing if they use it in the e-mail as well. Don't think that it is a legitimate e-mail if they use use your e-mail address in the body of the e-mail as well. If this e-mail really came from Chase, they would have addressed you by name and not by e-mail address. But be careful, a clever phishing scammer might even know your name, so this is never an absolute guarantee that the e-mail came from your bank.
So your credit card is due for payment but they don't tell you how much. No, you have to log into their online banking services to make the payment, or as they say, manage your account. They don't tell you how much you owe, because they don't know how much it is, quite frankly because this e-mail did not come from Chase. Chase will send you a proper credit card statement not a piece of junk like this.
Even if the scammers do send you a so-called credit card statement, at least make sure the e-mail really came from Chase. This e-mail clearly did not come from Chase, since the From address is a spoofed chubba.com e-mail address. We love it when the scammers make it so obvious that it is a scam.
Oops! Did they forget to remove this? These scammers are really a lazy bunch.
Don't click the link, rather call your bank directly and don't EVER use a telephone number supplied in an e-mail.
Well it looks like the scammers are starting to educate their victims on how to protect themselves against phishing scams. Good work!
It seems to be a popular trend among phishing scammers these days to modify the title attributes of all links in the phishing e-mail, to put the victim under the impression that the link will take him/her to the real chase.com website. Don't be fooled by the popup tooltip. Look at the address displayed in your status bar and make sure the link points to the real chase.com website before clicking on it and as always, whenever you have doubts about the legitimacy of an e-mail, it is most likely a scam, so contact your bank directly by phone just to make sure.
Better be safe than sorry!