You have received a refund – Chase Phishing Fraud

The typical bank Phishing fraud spam email warns you about your account security, claiming there have been unauthorized transactions or invalid login attempts from overseas.

In a creative twist, the latest spam Phishing campaign targeted toward J.P. Morgan Chase customers uses more of a carrot than a stick; announcing that you’ve received a billing refund.

Subject:     You have received a refund of $70.95
From:     J.P. Morgan Chase <online.service@chase.int.com>

Of course the sending address is also spoofed, with this example coming from the Netherlands to a client in the US:

from windows4.firstfind.nl [85.158.203.201]

Here’s a screen shot of the entire message:

 

While this specific message advertises a refund of

$70.95 from Comcast Corporation on 04/18/2011.

The amount, date and the company supposedly providing the refund can all change for each spam message, making it harder for many spam filters to catch.

The real Phishing trick comes when a recipient clicks the hyperlink that is displayed as:

https://www.chase.com/Logon.jsp?LOB=RBGLogon&_pageLabel=page_logonform

But which really redirects to compromised sites such as:

http://fantast.rs/16891689/chase.com/Logon.jsp/?LOB=RBGLogon&_pageLabel=page_logonform&sessionid=us2721561c77178574f40da970bf5597ac0a068719bac853985860

While that particular page may or may not still be up in the future, here’s a captured screen shot of a very convincing Chase.com login page:

 

No matter how good the replica landing login page might be, the only thing you’ll accomplish by “logging in” though this site will be to provide your actual Chase.com username and password to the cyber-criminals behind this spam Phishing campaign.

 

- -

OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.

Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."

OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.

Tags: fraud, phishing, spam, spoofing

This entry was posted on Wednesday, April 27th, 2011 at 8:46 am and is filed under Email Fraud, Phishing Lessons. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.