Saturday, October 26, 2019

Security Update

NOTE: How exciting ... a classic phishing email. This joker is trying to pose as Chase Bank but falls short with the sendgrid.net email address and further with the bogus links that were stripped from this copy. This crook is hoping you'll fall for the scam and as soon as you login to your Chase account you just gave this criminal access to your account. Watch out, this one will wipe you out before you can blink an eye. If you doubt the authenticity of  an "official" email your best defense it to NOT CLICK ANY LINKS in the email but go directly to the web page in question via your browser.


From: "chase.com" <update@chase.com> To: user <update@chase.com>17:18:56 CDT, Saturday 26 October 2019
Attachments: None
Message ID: <sQLA-9rgTwagDcTcP-gnPQ@ismtpd0038p1las1.sendgrid.net>
Return Path: <bounces+11514390-416f-=@sendgrid.net>
Reply To:
MIME Version: 1.0
Content Type: multipart/alternative; boundary="===============0293878941=="
Attachments:
None
Received:
from mx1-us1.ppe-hosted.com (unknown [10.110.48.234]) by pure.maildistiller.com with ESMTPS id DFAB180064 for <>; Sat, 26 Oct 2019 22:18:55 +0000 (UTC)

from wrqvxcnz.outbound-mail.sendgrid.net (wrqvxcnz.outbound-mail.sendgrid.net [149.72.172.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1-us1.ppe-hosted.com with ESMTPS id 7FE15780064 for <>; Sat, 26 Oct 2019 22:18:55 +0000 (UTC)

by filter0215p1iad2.sendgrid.net with SMTP id filter0215p1iad2-15920-5DB4C3D8-21 2019-10-26 22:08:25.395622148 +0000 UTC m=+101340.003634335

from [23.94.245.115] (host.colocrossing.com [23.94.245.115]) by ismtpd0038p1las1.sendgrid.net (SG) with ESMTP id sQLA-9rgTwagDcTcP-gnPQ Sat, 26 Oct 2019 22:08:24.767 +0000 (UTC)


Image removed - click Show Images to View
Your Chase Banking has been disabled
Your password has been disabled due to multiple use of incorrect login details. For your security, we have disabled your Online banking.
To restore your account and continue the use of online banking and stop further disabling of your bank account,
click here to restore and protect your account online.
If you have any questions, we are available 24 hours a day, 7 days a week.
Thank you for choosing Chase.
If you're concerned about the authentιcity of this messαge, please visit our fraud information page or cαll us using the phοne number on the back of your cαrd or accοunt stαtement.
If you reply to this messαge, we will not be able to read or respond to it.
You will find a confirmation of this message in your Messages & Alerts inbox.
Chase Online Customer Service
© 2019 JPMorgan Chase & Co.




Envelope Sender: <bounces+11514390-416f-=@sendgrid.net>
'From' Header: "chase.com" <update@chase.com>
Subject: Security Update
Timestamp: 17:18:56 CDT, Saturday 26 October 2019
Message-ID: <sQLA-9rgTwagDcTcP-gnPQ@ismtpd0038p1las1.sendgrid.net>
Attachments: None
Scan Information
Classification: Malicious
Threat Level: High
Confidence: Very High
Classification Breakdown:
TAGS CONFIDENCE
Phishing Very High
Spam Very High

Client IP Address: 149.72.172.46
Client GeoIP Lookup: United States
Email Size: 23.9 kB
Encrypted? No

No comments:

Post a Comment