Chase phishing scam…if you use chase please read.

I just received an email from customerservice@chaseonline.com about recent fraud activity. Here is the actual message:

Right away I was pretty certain that I was staring straight into the eyes of a phishing scam, but I decided to investigate. For one I checked the mail header and am pretty sure that a) chaseonline.com wasn’t a chase domain and b) that yokoi.deviantart.com wasn’t their mail relay for official messages. I went ahead and went to the linked website and it was a perfect copy of the actual chase website. But the dns address was pointing to a homeftp.net…yea not chase. But one other major flag was the lack of https (that s makes a huge difference). Even without all of the other research that I did one should never log into a bank/creditcard site that isn’t secured with a proper ssl cert. Of course if the scamers were good they could have used a self-signed ssl cert…which is where firefox comes in. Firefox will warn you before allowing you to enter any site with an improper ssl cert. Some people think this is a bad thing because self signed ssl certs aren’t necessarily a bad thing. I agree I use them where they are needed, but it is a pretty simple task to allow an exception in firefox, and I would rather know if the website I am going to has a proper cert or not.

I called chase to let them know and made sure that my account was, in fact, safe. But if you have a chase account be warned and don’t trust an email. When in doubt call the number on the back of your card.

Advertisements
Explore posts in the same categories: Uncategorized

4 Comments on “Chase phishing scam…if you use chase please read.”

  1. mrosedale Says:

    I am about to post a followup with a little more detailed networking information. I am glad it helped though.


  2. […] Networking, and Phishing So in response to my  other post on the Chase Phishing scam I am writing a follow-up that serves two purposes. 1) It lets you know some networking internals […]


  3. […] and malware has been on the decline. There are fewer major outbreaks in general as hackers are now resorting to phishing […]


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: