Phishers are Back to Target Chase Clients

Robert Stetson, one of our malware researchers at the AV Labs, found a new phishing scam in the wild.

The scam arrives as an email that directs users to the URL, data-server(dot)host(dot)org/email/protect/chase/.

click to enlarge

After Chase clients provide their credentials into the fields of the purported legitimate bank page and click Log on, they are then directed to another UI where they are to enter their email address and its password.

click to enlarge

click to enlarge

Chase clients, please be duly warned about this. For the rest, please delete from your inbox doubtful mails that purport to come from banks (including yours). If you received an email from your bank about your account, confirm with them via customer service.You know what they say: Better safe than sorry.

Jovi Umawing (Thanks to Robert)