Scareware gang phishes for Chase banking details

Filed Under: Spam

The organised cybercrime gang responsible for the fake anti-virus scareware campaign I blogged about yesterday, are now turning their hands to phishing.

Emails, claiming to be directed at credit card customers of the Chase bank, actually point to a domain name which was being used yesterday to spread bogus anti-virus software.

Part of the phishing email reads as follows:

Important Information Regarding Your Chase Credit Card

Dear Chase Client ,

This is your official notification that the service(s) listed below
will be deactivated and deleted if not renewed immediately.
Previous notifications have been sent to the Billing Contact assigned to
this account.
As the Primary Contact, you must renew the service(s) listed below.

SERVICE: CHASE CREDIT CARD
Expiration: December 04 , 2008

If you visit the embedded link in the email you are taken to a cloned version of the Chase login page - with any login information you enter being put straight into the hands of the gang.

cloned-chase-site.jpg

We've been saying for some time now that one of the dangers of purchasing fake anti-virus software is that you aren't just buying a bogus product sold through unethical marketing methods, but also that you're endangering your bank account by handing the criminals your credit card details. Well, here's the truth that they are prepared to use any means necessary to grab your confidential bank information.

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.