Domain crime : Cybercriminals target Chase accounts on .COM and .XYZ domains

Capitalizing on the fear of having one’s Chase account suspended for lack of supposed “updates,” cybercriminals are using bank-related domains to launch phishing campaigns.

Two days ago, a sizable campaign was launched involving several dozen emails; the domains used in this spear-phishing campaign were:

chase-authorize.com
chasehelp-chase.com
chaselogin-chase.xyz
login-yourchase.com
yourchase-login.com

We contacted the XYZ Registry who moved surprisingly swiftly to disable the domain.

Within the hour, Shayan Rostam, Global Director of Registry Operations at the XYZ Registry, confirmed the suspension of the domain at the Registry.

phishing

chaselogin-chase.xyz was suspended by the XYZ Registry

Despite the WHOIS info displaying Chinese credentials, the cybercriminals are most likely from Ukraine or Russia, as in past attempts to hijack Chase Bank accounts.

The .com domains are now inactive as well, although one might receive a forgery warning from Google prior to visiting; they do not resolve.

An example of a phishing email targeting Chase customers.

An example of a phishing email targeting Chase customers.

Billions of dollars are lost every year as cybercriminals access bank accounts of unsuspected victims via the email phishing method.

To avoid such devastating incidents, never click on email links and visit your financial institution’s web site directly.

 

 

Copyright © 2024 DomainGang.com · All Rights Reserved.