A few years ago, these fake emails were easy to spot. They often had apalling grammar. It was obvious they were not professionally done. However, they've gotten better. I'm including one below that I just received. Again, THIS IS A SCAM
FROM: Chase Online [service@chase.server1.com ]
SUBJECT: Alert: Account Locked!
Account Locked !
Dear Chase Member,
Due to the number of incorrect login attempts, your Chase Account has been locked for your security. This has been done to secure your accounts and to protect your private information in case the login attempts were not done by you.. At Chase Bank we care about your security so, for your protection we are proactively notifying you of this activity. If you did not trigger this lockout, follow this link to Log on to your Chase Online Account :
Click here to unlock your account
Thank you for your prompt attention to this matter. We apologize for any inconvenience.
Thank you for using Chase!
There are a couple of red flags here. First, you financial institution will probably never ask you do do anything by clicking a link in the email. If get an email like this, and think it might be legit, open a new browser window and type the address for your financial institution. Do not follow the link.
If you click on the link above, it will take you to Google. In the original email, though, it would take you to this address:
ht_tp://_ww_w.chase.accountlocked.com_/colappmgr/colportal/prospect.php?_nfpb=change_form
I added some extra underscores so to break the link.
It looks like a chase link. But it doesn't take you to a chase site. Chase may operate at www.chase.com, but this takes you to a chase page on the site accountlocked.com. That is not chase.
You can see more information about this site by visitin www.whois.net
Here is the link to the registration information for the page:
http://whois.net/whois_new.cgi?d=accountlocked.com
It looks like some guy in Colorado registered this address on 2006-09-23. I do not know if the owner of the address is the one attempting this fraud, or if the owner himself has been hacked. Regardless, it's certainly not owned by chase.
The email address should send up a similar flag. It doesn't come from chase.com. It comes from server1.com, which, according to www.whois.net is registered to a company in the Cayman Islands.
The Internet is a powerful tool, but like the real world, it pays to be careful out there.
No comments:
Post a Comment