Visiting a phishing site.

I recently received this following e-mail.

Chase Online

We’re writing to let you know that a recent unusual activity was made on your chase account.

To see a detailed notice about this situation, please log on to Chase to sign in with your correct credential(s) and go to the Account Activity page or the Account Notices page for your account.

If you aren’t enrolled to the new two-way verification process or you think you’ve received this message in error, please call our Customer Support team. To find the appropriate phone number for your account type, go to the Customer Center on Chase Online click the “Contact us” link.

Please don’t reply directly to this automatically-generated e-mail message.

Sincerely,

Online Banking Team

At first it looks serious but then, I don’t even have an account with Chase. How can there be any suspicious activity?

Then I took a look at the link in the e-mail. Curiously enough, the sender used a URL shortener service to disguise the target address. In a mood to be humored, I clicked the link anyway, and that’s when things got interesting.

I arrived at what looks like the official web site for Chase Bank. By all accounts it looks real.

2017-06-26 21_53_25-Сhase Online - Lоgon

But the site’s address in the address bar told me a different story. There was some long address that’s completely uncharacteristic of a real banking site.

In a mood to be humored further, I clicked the link for resetting my password just to see what came up and it was then I realized I had wandered into the trap. I later noticed that this same page comes up when you click on “Enroll Now”.

Look at this.

2017-06-26 22_22_18-Сhase Online - Enhanced Account Security

In order to proceed you have to enter your social security number, date of birth, your mother’s maiden name, your driver’s license number and even your credit card information, including its expiration date, CVV and PIN. On top of that there is no secure connection for transmitting this sensitive information. Had I submitted this information, I too would have fallen victim to this phishing scam. Who knows what horrors would have unfolded next.

An e-mail from Yahoo?

I got this e-mail today. At first glance it looks pretty serious.

2017-06-21 16_13_12-Inbox - Mozilla Thunderbird

Then the mood switched from serious to suspicious. I took a look at the sender’s email address and noticed it wasn’t a Yahoo address. Even more unusual was the presence of another non-Yahoo address for sending my replies.

Then there’s the question of Yahoo closing my account just because I didn’t do the upgrade, which sounds ludicrous. Yahoo Mail is web based, so there’s really nothing for me to do on my end.

Finally I took a look at the link I’m supposed to click on to verify my account. It pointed to a completely different domain other than Yahoo, so this email was probably a phishing attempt to try getting me to disclose some sensitive data such as my bank account information. Nice try. I seriously doubt Yahoo itself sends out e-mails like this one.

Should you get an email like this, it helps to analyze it like I did. If it sounds suspicious, it probably is.