Capitalizing on the fear of having one’s Chase account suspended for lack of supposed “updates,” cybercriminals are using bank-related domains to launch phishing campaigns.
Two days ago, a sizable campaign was launched involving several dozen emails; the domains used in this spear-phishing campaign were:
chase-authorize.com
chasehelp-chase.com
chaselogin-chase.xyz
login-yourchase.com
yourchase-login.com
We contacted the XYZ Registry who moved surprisingly swiftly to disable the domain.
Within the hour, Shayan Rostam, Global Director of Registry Operations at the XYZ Registry, confirmed the suspension of the domain at the Registry.
chaselogin-chase.xyz was suspended by the XYZ Registry
Despite the WHOIS info displaying Chinese credentials, the cybercriminals are most likely from Ukraine or Russia, as in past attempts to hijack Chase Bank accounts.
The .com domains are now inactive as well, although one might receive a forgery warning from Google prior to visiting; they do not resolve.
An example of a phishing email targeting Chase customers.
Billions of dollars are lost every year as cybercriminals access bank accounts of unsuspected victims via the email phishing method.
To avoid such devastating incidents, never click on email links and visit your financial institution’s web site directly.
I feel like we will see more of this at Chase and other banks who have begun to put in more machines and hire less tellers.I recently left Chase because I was tired of waiting in line for one teller and when I spoke to the branch manager to complain about this problem she suggested I start using their automated system. I am old fashioned and want to speak to another human when handling my money. She made me feel like it was all about money and interacting with customers was a nuisance.