Fools Rush In – How I Narrowly Avoided A Foolish Mistake
I opened my email this morning to find an alert from Chase. I hadn’t had my coffee yet and there was a lot of kid drama in the background (someone hit someone, Bird couldn’t find her favorite shirt, Bear needed help pouring the milk, and more), so I almost followed the instructions in the email. Luckily I simply scanned it, then went to find the shirt and pour the milk. When I came back to my computer, I reread what was on the screen and immediately saw it for what it was: a total scam.
Of course, best practice when you get an email from a financial institution is to simply call them to confirm its validity – using the number directly from their website, not from the email. But when you are distracted or groggy, as I was this morning, it’s easy to think you are doing yourself a favor by just taking care of the issue right away. Phishers hope that the “convenience factor” of the links they create in their messages will prompt you to click through to their fraudulent sites, which is where they collect personal information about you.
I’m grateful that I had some time to wake up before I landed myself in a heap of trouble. It was a nice little reminder that there’s nothing wrong with taking a little extra time to do things right instead of rushing in and doing them wrong.
See if you can find all the errors in the phishing email below:
Dear Chase OnlineSM Customer:
A message regarding “This is an Alert to help manage and update your account” as part of our ongoing effort to protect your account and our relationship. Our utmost concern is the security of our online banking users. In this effect, we do proper verification on all transactions done on our secured online banking servers.
Suspicious online activity on your account were detected on our secured servers and as a matter of our improved online banking security measures, We have decided to temporarily limit your online banking access.
You will not be able to use your online account unless you re-activate your online activity but in order to do so,you will have to confirm your details by Logging on to your account to complete the verification process set out for you before we can retrieve your online access.
Verification process:
1- Download the attached document and open it in a browser window.
2- Once opened, you will be asked to follow a set of instructions.
We are indeed sorry for any inconveniences this might have caused you, but also remember that as a Chase Bank customer, your security remains our greatest priority.
The message will be available in your Secure Message Center until 05/12/2013.
Thank you for being a valued Chase customer
ABOUT THIS MESSAGE
If you want to contact Chase, please do not reply to this message, but instead go to www.chase.com (this was a link that I fortunately did not click). For faster service, please enroll or log in to your account. Replies to this message will not be read or responded to.
Your personal information is protected by advanced technology. For more detailed security information, view our Online Privacy Notice. To request in writing: Chase Privacy Operations, P.O. Box 659752, San Antonio, TX 78265-9752.
JPMorgan Chase Bank, N.A. Member FDIC
© 2013 JPMorgan Chase & Co.
LCPT336
Here’s to slowing down! May we all have a peaceful day…or at least a few moments of calm.
- If you enjoyed this post and would like to read more, consider joining the Points and Pixie Dust community by subscribing to emails (1 per day!) so you will never miss another cautionary tale.
Hi Kendra
I also received a fraudulent message from Chase a few days ago: “This is a service message regarding the Identification Code you requested.” I hadn’t requested an Identification Code, so immediately became suspicious and did not reply. It was very skillfully done. Heads up out there!
@Cabet, yes, these phishers are getting savvy! Let’s keep sharing info and hopefully we can all learn from each other.