Date: 11-28-2003 11:24:53 From: Chase Financial Services Subject: Important Security Alert Message: Over the past few days several Chase customers and non-customers have reported receiving an e-mail from Chase claiming that: "We encountered a billing error when attempting to renew your Chase online banking services. This type of error usually indicates that either the credit card you have on file has expired or that the billing address we have is not current." The e-mail then requests you take a moment to update your information and provides a link to a website that appears to be a Chase web page. Please note, THIS E-MAIL DID NOT COME FROM CHASE and any information you submit on the site will not be sent to Chase. If you receive such an e-mail DO NOT RESPOND. If you have already responded please notify us immediately via your secure message account or call 1-800-981-8359. As always, to protect the security of your online account, please remember: - Chase will never request that you send your Chase Online(SM) User ID, password or other personal information in an e-mail - If you are contacted or receive an e-mail seeking this information, please DO NOT respond and please notify Chase immediately. - You should never send your online password, PIN or any other personal or sensitive information to anyone via an unencrypted (unsecure) e-mail channel. Most public Internet e-mail is unsecure. Check with your e-mail provider for details about security of your transmissions through them. - If you need to communicate with Chase, you may do so securely by logging into Chase Online and using this Message Center. Please note, this message will automatically be deleted from your mailbox. 11/29/2003 08:20 PM EST This site is directed at persons in the United States only. © Copyright 2003 J.P. Morgan Chase & Co. All rights reserved.
There's a lot of this kind of stuff going around. If I get a message like this, I never respond via the web link. I always call and ask if the info is needed. This happened on my Compuserve account once. They had me forward the e-mail to them and I guess they were able to track down who was doing it. The web is becoming increasingly a target for con artists, because it's hard to control, not governed by the same rules as mail or telephone. I guess my message is be careful and check everything out first.
Give 'em a bunch of phony info. If everybody does this, they'll have to search through reams of false data for the real victims' information. And they may make themselves more obvious to authorities by their failed efforts to get into nonexistent bank accounts (their credit card software will do a checksum on the CCs and reject 'em, so they'll never send out such info to the CC processors).
