Scareware gang phishes for Chase banking details

Graham Cluley
Graham Cluley
@
 @grahamcluley.com
 @[email protected]

The organised cybercrime gang responsible for the fake anti-virus scareware campaign I blogged about yesterday, are now turning their hands to phishing.

Emails, claiming to be directed at credit card customers of the Chase bank, actually point to a domain name which was being used yesterday to spread bogus anti-virus software.

Part of the phishing email reads as follows:

Important Information Regarding Your Chase Credit Card

Sign up to our free newsletter.
Security news, advice, and tips.

Dear Chase Client ,

This is your official notification that the service(s) listed below
will be deactivated and deleted if not renewed immediately.
Previous notifications have been sent to the Billing Contact assigned to
this account.
As the Primary Contact, you must renew the service(s) listed below.

SERVICE: CHASE CREDIT CARD
Expiration: December 04 , 2008

If you visit the embedded link in the email you are taken to a cloned version of the Chase login page – with any login information you enter being put straight into the hands of the gang.

cloned-chase-site.jpg

We’ve been saying for some time now that one of the dangers of purchasing fake anti-virus software is that you aren’t just buying a bogus product sold through unethical marketing methods, but also that you’re endangering your bank account by handing the criminals your credit card details. Well, here’s the truth that they are prepared to use any means necessary to grab your confidential bank information.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.