Anti-Phishing Blog


Tuesday, November 01, 2005

What you see isn't always what you get

This phishing email is a classic illustration of how what you see isn't always what you get. The link displayed in the email is
https://chaseonline.chase.com/colappmgr/colportal/prospect?_nfpb=true&_pageLabel=page_logonform
but the hidden link, the one a click would actually go to, is:
http://chase.com.update-user1881.info
Note that it only looks like a Chase address at first glance. It's not. It is a .info domain, update-user1881.info, that just happens to have "chase" as one of the words in front of it. It has nothing to do with the real financial institution.

Here it is:

Dear Customer,
Chase OnlineSM does everything we can to protect your security.
By following the tips below, you can help us protect your account
against fraudulent activity.
Chase OnlineSM will be temporarily unavailable from 12:00 a.m. on Sunday,
October 30 to 8:00 a.m. on Monday, October 31 due to a system upgrade.
We apologize for any inconvenience.
Your most recent Personal/Business checking account profile is now available
for an update via Chase OnlineSM. Please click on the link below.
You will be asked to enter your ATM Credit Card information.
https://chaseonline.chase.com/colappmgr/colportal/prospect?_nfpb=true&_pageLabel=page_logonform
Thank you,
Chase.com
Chase OnlineSM Account Access
Message Center : CHASE27941
Message Date : 29-10-2005
Customer ID : 22193CBO85
Please do not reply to this message.
© 2005 JPMorgan Chase & Co.
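
The mismatch described above can be checked mechanically. This is an added example, not part of the original post: it compares the URL shown as link text with the `href` it hides. The HTML anchor in `SAMPLE` is constructed from the two URLs quoted in the post, the function names are hypothetical, and the registered-domain rule is a naive assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host_of(text):
    """Hostname (lowercased by urlsplit) if text is a well-formed http(s) URL, else None."""
    try:
        parts = urlsplit(text.strip())
    except ValueError:  # e.g. a malformed IPv6 literal in the URL
        return None
    return parts.hostname if parts.scheme in ("http", "https") else None

def registered_domain(host):
    # Assumption: naive last-two-labels rule; use the Public Suffix List in production.
    return ".".join(host.split(".")[-2:])

class AnchorCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element that has an href."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text), self._href))
            self._href = None

def find_mismatched_links(html):
    """Return (shown_domain, real_domain, brand_is_subdomain) for each deceptive anchor."""
    collector = AnchorCollector()
    collector.feed(html)
    findings = []
    for shown, href in collector.links:
        shown_host, real_host = host_of(shown), host_of(href)
        if shown_host and real_host:  # skip text that is not a URL and non-http(s) targets
            shown_dom, real_dom = registered_domain(shown_host), registered_domain(real_host)
            if shown_dom != real_dom:
                # Third field: the shown brand is only a leading label of the real host.
                findings.append((shown_dom, real_dom, real_host.startswith(shown_dom + ".")))
    return findings

# Constructed sample: the post's two URLs joined in one anchor, plus a benign anchor.
SAMPLE = ('<a href="http://chase.com.update-user1881.info">https://chaseonline.chase.com/'
          'colappmgr/colportal/prospect?_nfpb=true&amp;_pageLabel=page_logonform</a>'
          '<a href="https://www.chase.com/">https://chase.com/</a>')
```

Calling `find_mismatched_links(SAMPLE)` reports only the first anchor, with the real domain `update-user1881.info` and the subdomain flag set.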

1 Comment:

  • I maintain a website which shows actual examples of phishing/fraud e-mails, instant messages and websites. These scams not only include the Banking Industry, but every other target which has appeared or is appearing online.

    You can view samples of scams and fraud e-mails/websites at: http://www.doshelp.com/scams-fraud

    For Banking Specific you can view: http://www.doshelp.com/scams-fraud/Banking which keeps a score of how many sites I have shut down in addition to what sites/e-mails were involved.

    TIP: If your institution is using pictures of the scam/fraud e-mails, be sure your webmaster includes ALT text which is the textual representation of what's included on the scam e-mail sample.

    This makes that message (picture) searchable in search engines if someone were to go and search for text as it appears in the message (misspellings, punctuation and statements). This can be a highly effective means of 'getting the word out' to your customers.

    By Blogger DoShelp Fraud-Scam Reporting, at 12:29 PM  
