Chase Online—$20 Reward Survey

This is a phishing alright! Asking for your info in a subtle way and especially telling you that you will make US $20!

The link was going to

Notice the "Chase DEMO" in the blue title bar of the HTML page. The hacker(s) used the demo version of the site to show a page which they think would look like a real version of the site (what a customer would possibly see when really connected.)

Notice the LOG OFF button. It's the default, so if you click on it, a javascript creates a popup and tells you that it won't work.

I cancelled the form entirely. It was fonctional in the hacker's version, of course. Here I put some funny information.

From Chase Manhattan Bank online department Sun Jul 9 13:06:27 2006
X-Apparently-To: via; Sun, 09 Jul 2006 13:06:29 -0700
X-Originating-IP:	[]
Return-Path:		<>
Authentication-Results:; domainkeys=neutral (no sig)
Received:		from (EHLO (
			by with SMTP; Sun, 09 Jul 2006 13:06:28 -0700
Received:		from ([]
			by with esmtp (Exim 4.44) id 1FzfXw-0005Sy-0Y
			for; Sun, 09 Jul 2006 13:06:28 -0700
Received:		by (Postfix, from userid 510) id 4840F1187A6;
                        Mon, 10 Jul 2006 05:06:27 +0900 (JST)
Subject:		Chase Online $20 Reward Survey
From:			"Chase Manhattan Bank online department" <>
Content-Type:		text/html
Message-Id:		<>
Date:			Mon, 10 Jul 2006 05:06:27 +0900 (JST)
X-Spam-Score:		3.7 (+++)
X-Spam-Report:		Spam Filtering performed by
                        See for more details.
			Report problems to
			1.0 FORGED_RCVD_HELO Received: contains a forged HELO
			0.1 HTML_40_50 BODY: Message is 40% to 50% HTML
			0.0 HTML_MESSAGE BODY: HTML included in message
			2.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
			0.5 MIME_HEADER_CTYPE_ONLY 'Content-Type' found without required MIME headers
			0.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
Content-Length:		965

Dear Chase Bank Customer,


You have been chosen by the Chase Manhattan Bank online department to take part in our quick and easy 5 question survey. In return we will credit $20 to your account - Just for your time! Helping us better understand how our customers feel benefits everyone.

With the information collected we can decide to direct a number of changes to improve and expand our online service.

We kindly ask you to spare two minutes of your time in taking part with this unique offer!


SERVICE: Chase Online. $20 Reward Survey EXPIRATION: July - 15 - 2006

Confirm Now your $20 Reward Survey with Chase Online. Reward services.


The information you provide us is all non-sensitive and anonymous No part of it is handed down to any third party groups. It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey.


Please do not reply to this message. For any inquiries, contact Customer Service.

Document Reference: (87051203).

Copyright 1996 - 2006 Chase Bank, N.A. Member FDIC Copyright . 2006

Chase logo  Skip to main content  Accessibility Information
My Accounts
Payments and Transfers
Customer Center
Customer Center > Update Credit Card
Update Credit Card  Help with this page  

Select Credit CardYou are on step one of two. There is at least one page per step. ConfirmationStep two of two has not been completed.

Enter your credit card - You can update and confirm your credit card below.

I'd like to
  • View My Accounts
  • Return to Customer Center

Planning for your retirementis not only wise, but easy to do. Contribute to your IRA.

FREE E-mail Alerts. Monitor your accounts every day.

Credit Card information

  Account Number *  
  - -  
*Required field

Security | Terms of Use | Legal Agreements
© JPMorgan Chase & Co.