Scareware gang phishes for Chase banking details

The organised cybercrime gang responsible for the fake anti-virus scareware campaign I blogged about yesterday, are now turning their hands to phishing.

Emails, claiming to be directed at credit card customers of the Chase bank, actually point to a domain name which was being used yesterday to spread bogus anti-virus software.

Part of the phishing email reads as follows:

Important Information Regarding Your Chase Credit Card

Dear Chase Client ,

This is your official notification that the service(s) listed below
will be deactivated and deleted if not renewed immediately.
Previous notifications have been sent to the Billing Contact assigned to
this account.
As the Primary Contact, you must renew the service(s) listed below.

Expiration: December 04 , 2008

If you visit the embedded link in the email you are taken to a cloned version of the Chase login page – with any login information you enter being put straight into the hands of the gang.


We’ve been saying for some time now that one of the dangers of purchasing fake anti-virus software is that you aren’t just buying a bogus product sold through unethical marketing methods, but also that you’re endangering your bank account by handing the criminals your credit card details. Well, here’s the truth that they are prepared to use any means necessary to grab your confidential bank information.