Threat Actors Impersonate Chase Bank

Threat researchers at Armorblox have come across two new phishing scams targeting customers of JPMorgan Chase Bank. 

Both attacks deployed social engineering and brand impersonation tactics in an attempt to steal customers' login credentials.

While one scam involved an email that appeared to contain a credit card statement, the other impersonated a locked account workflow to falsely inform victims that access to their account had been blocked following the detection of unusual login activity.

Amorblox researchers said that the first scam "skipped spam filtering because Microsoft determined that the email was from a safe sender, to a safe recipient, or was from an email source server on the IP Allow list."

The fraudulent email, titled "Your Credit Card Statement Is Ready," appeared to have been sent by "Jp Morgan Chase." Its content was fashioned to resemble genuine communications from the American national bank.

"The email contained HTML stylings similar to genuine emails sent from Chase, and included links for the victim to see their statement and make payments," said the researchers.

Victims who clicked the links would be taken to a web page resembling the Chase login portal and asked to enter their banking account credentials.

"Attackers often bank on victims not paying enough attention to inconsistencies like the URL not being from the Chase domain for example," said researchers. 

"They assume that because we have busy lives and over-flowing inboxes, we will click before we think."

Researchers found that the malicious website had been registered with budget ..

Support the originator by clicking the read the rest link below.