Last week we revealed how the account structure of Wells Fargo was used by cybercriminals who registered a similar domain.
Now it’s the time of Chase Bank; cybercriminals registered the domain updateaccountonline.com and are using it in phishing emails.
Falsifying the email so as to appear to arrive from Chase Bank, the registrant of the domain set up a portal page that looked like an official landing page.
Capture of the domain UpdateAccountOnline.com via DomainTools.
The purpose is obvious: once there, the unsuspecting visitor is prompted to enter their username and password details, that are duly relayed to the cybercriminals, that usually reside in Russia or Ukraine.
The same method has been used time and again to target domain owners and their accounts at popular domain registrars, such as GoDaddy.
Domain owners are advised to enable two-factor authentication to avoid losing their domains to thieves.
To avoid being defrauded by such far-reaching cybercriminals, never click on email links but rather connect directly to your accounts by typing them in.
