I received an email that supposedly was from Chase. It had text similar to this below: (from this webpage)
——–
Dear Chase Customer
We recently reviewed your account, and suspect that your Chase Internet Banking account may have been accessed by an unauthorized third party.
Protecting the security of your account and of the Chase network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.
To restore your account access, please take the following steps to ensure that your account has not been compromised:
1. Login to your Chase Internet Banking account. In case you are not enrolled yet for Internet Banking, you will have to use your Social Security Number as both your Personal ID and Password and fill in the required information, including your name and account number.
2. Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure no changes have been made. If any unauthorized activity has taken place on your account, report to Chase staff immediately.
To get started, please click the link below:
https://chaseonline.chase.com/colappmgr/XXX
We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire Chase system.
Thank your for your prompt attention to this matter.
Sincerely,
The Chase BankTeam.
The give away here is that Chase wouldn’t send out an email like this. If there was a problem with your account they would call you on your phone, or tell you the next time you log into the service. The way to respond to emails like this is to forward them to abuse@chase.com and you will get a response in 2 days the Chase webpage claimed.
This is typical of what are called phishing emails. They attempt to trick you into giving up your username and password so that they can enter your bank account and take your money. It is unfortunate that too many banks only use a password and username for security. Chase was hacked several years ago, and they spend hundreds of millions a year on security.
Clearly a better way than usernames and passwords are needed. I always wondered why banks don’t give their customers a SecureID token instead of the username and password. Certainly once they figure in the costs of hacking and other security issues, that has to be a cheaper option no? I can understand that they probably don’t want to bear the cost of customers losing them, but you could say that the first one is free and then each additional one becomes progressively more expensive. That would be fair.
Anyway, be careful when you get emails claiming to be from your bank, insurance company, 401K or anyplace you have money on the Internet.
The post Be cautious about emails that claim to be from your Bank appeared first on Stuff worth knowing about.