«
»

JP Morgan Chase Is Being Used In A Banking Credentials Phishing Email… Which Goes Nowhere

When I do these looks at scams and phishing emails, I often focus on Canadian companies as well as Apple, Google, Microsoft, etc. Some Americans have asked me to show more American companies. So I’ll do that with this phishing email that hit my inbox:

I’ll get to the punchline. This email is meant to take you to a website where you will enter your banking credentials. And then the threat actors will use them to steal your money. While this looks like a decent replication of an email this bank, here are the things that should have you hitting the delete button should you get this email:

  • The bad quality of the English language in this email. For example: “Click on the secured link below and sign-on and follow every required steps.”
  • In something that is new for me, the email suggests”We also recommend  you don’t change your  username and password while verification is being carried out.” That’s likely there because the threat actors need time to drain your bank account. And they couldn’t do that if you go off and change your password or username.
  • There’s zero personally identifiable information. As in a card number, your name, etc. That’s because this is being mass mailed out to thousands of people.

Plus there’s this:

That’s clearly not coming from jpmorganchase.com. So it’s a scam. Which means that the normal person should delete this and move on with their day. But since I look into this stuff, I am going to go click the “Verify Now” button which you should never, ever do.

Well this is disappointing. Though it’s still instructive. The website address at the top is clearly not JP Morgan Chase. Which means the threat actors either had the scam shut down by this host in Argentina (the hint that this website is being hosted in Argentina is the .ar domain), or the threat actors haven’t fully set this up yet. Either way, nobody is getting scammed today. Which is a good thing given how prevalent scams are.

This entry was posted on September 17, 2024 at 8:43 am and is filed under Commentary with tags . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “JP Morgan Chase Is Being Used In A Banking Credentials Phishing Email… Which Goes Nowhere”

  1. The People Behind The JP Morgan Chase Email #Scam Try Again…. And Fail Miserably | The IT Nerd Says:
    September 18, 2024 at 7:59 am

    […] I brought you the story of a half baked JP Morgan Chase email scam that was making the rounds. Today, it looks like the […]

    Reply

Leave a Reply

Discover more from The IT Nerd

Subscribe now to keep reading and get access to the full archive.

Continue reading