I noticed that my CFCU scam post is receiving a lot of traffic. So, when i got another “nice” scam message, i decided to post it here too as a service to the community.
This time the message came supposedly from Chase:
Due to concerns, for the safety and integrity of your Chase.com account we have issued this warning message.
It has come to our attention that your Chase.com account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.
Once you have updated your account records your account service will not be interrupted and will continue as normal.
To update your account records click on the following link:
JP Morgan Chase Bank © 2008 Chase Bank. Member FDIC.
Now, if you look at the code, the link actually leads to: http://www.0011race.com/images/chase.html. If you delete everything after the .com, you will see a website that seems to be in Korean. It looks like a gambling website, but i don’t really know (if you read the language, please feel free to leave a comment telling what the orignal website is about).
Here, i have to give kudos to FireFox (FF). When i went to this page, i received a warning message telling that this is a scam and even its purpose:
So, one more reason to use FF. I was really impressed.
If you disregard this message, you will see a web page that resembles the Chase website with one weird (and i think not very smart) behavior – every single link at the website would bring you back to the same page.
Unless, of course, you enter some random characters for the User ID and the Password. In that case, you will receive the following page:
This one is actually rather funny. They are asking you for a bunch of things such as your email password and your social security number. That should be a clear red flag for anyone, even the least experienced user! Similarly to the CFCU scam, they are smart about requesting a certain type and a certain number of characters in the various fields. However, unlike the CFCU folks, they are not clever with resuming it in an “elegant” way. They keep on telling you that the credit card number you’ve entered is wrong. Probably this is an attempt to collect a number of credit card numbers counting on a person trying a different card each time. But at the same time, i think this kind of behavior would alert anyone.
To summarize, it is a scam, and not the most elegant one. If you got that email and this post helped you in clarifying your doubts, i am glad.