NOTE: Check out the typo in the subject line ... red flag. Here's an example of a classic phishing email. The author is spoofing Chase bank's email and making this appear legitimate in the hope you click on the(stripped) link and enter your account information. At which point you will lose complete control of your account and it will be drained of whatever funds may be in it, however small or large. Good luck fighting the bank on that one. Even if you do win, it will be a pain until that time and you will have a dead account. You;ll also find new cards opened in your name and with luck you'll lose your tax refund next year too!!!! Be very careful with phishing emails. If you receive one of these, delete it immediately. If you have any question about your account integrity, open your browser and go directly to that financial institutions web page. NEVER CLICK ON LINKS IN EMAILS LIKE THIS!!!!!
From: "chase.com" <update@chase.com> To: user <update@chase.com>07:03:32 CST, Monday 04 November 2019
Attachments: None
Message ID: <Yzo7VVTfTVWlRaoiR6LfwQ@ismtpd0004p1sjc2.sendgrid.net>
Return Path: <bounces+8652881-7624- = .com@sendgrid.net>
Reply To:
MIME Version: 1.0
Content Type: multipart/alternative; boundary="===============0047916691=="
Attachments:
None
Received:
from mx1-us2.ppe-hosted.com (unknown [10.110.49.32]) by pure.maildistiller.com with ESMTPS id D6EB1E006B for < >; Mon, 4 Nov 2019 13:03:31 +0000 (UTC)
from wrqvxdnx.outbound-mail.sendgrid.net (wrqvxdnx.outbound-mail.sendgrid.net [149.72.173.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1-us2.ppe-hosted.com with ESMTPS id 9954C280082 for < >; Mon, 4 Nov 2019 13:03:31 +0000 (UTC)
by filter0138p3las1.sendgrid.net with SMTP id filter0138p3las1-27471-5DC02076-4B 2019-11-04 12:58:30.824950583 +0000 UTC m=+308107.710114611
from [216.170.112.139] (unknown [216.170.112.139]) by ismtpd0004p1sjc2.sendgrid.net (SG) with ESMTP id Yzo7VVTfTVWlRaoiR6LfwQ Mon, 04 Nov 2019 12:58:30.527 +0000 (UTC)
Image removed - click Show Images to View
Your Chase Banking has been disabled
Your password has been disabled due to multiple use of incorrect login details. For your security, we have disabled your Online banking.
To restore your account and continue the use of online banking and stop further disabling of your bank account,
click here to restore and protect your account online.
If you have any questions, we are available 24 hours a day, 7 days a week.
Thank you for choosing Chase.
If you're concerned about the authentιcity of this messαge, please visit our fraud information page or cαll us using the phοne number on the back of your cαrd or accοunt stαtement.
If you reply to this messαge, we will not be able to read or respond to it.
You will find a confirmation of this message in your Messages & Alerts inbox.
Chase Online Customer Service
© 2019 JPMorgan Chase & Co.
Image removed - click Show Images to View
Image removed - click Show Images to View
Envelope Sender: <bounces+8652881-7624- = .com@sendgrid.net>
'From' Header: "chase.com" <update@chase.com>
Subject: Security Upadte
Timestamp: 07:03:32 CST, Monday 04 November 2019
Message-ID: <Yzo7VVTfTVWlRaoiR6LfwQ@ismtpd0004p1sjc2.sendgrid.net>
Attachments: None
Classification: Malicious
Threat Level: High
Confidence: Very High
Classification Breakdown:
TAGS CONFIDENCE
Phishing Very High
Spam Very High
Client IP Address: 149.72.173.42
Client GeoIP Lookup: United States
Email Size: 23.6 kB
Encrypted? No
No comments:
Post a Comment