496
Chase Online—$20 Reward Survey
This is a phishing alright! Asking for your info in a subtle way and especially telling you that you will make US $20!
The link was going to http://sege02.ipicyt.edu.mx/chaseonline.chase.com/update.htm
Notice the "Chase DEMO" in the blue title bar of the HTML page. The hacker(s) used the demo version of the site to show a page which they think would look like a real version of the site (what a customer would possibly see when really connected.)
Notice the LOG OFF button. It's the default, so if you click on it, a javascript creates a popup and tells you that it won't work.
I cancelled the form entirely. It was fonctional in the hacker's version, of course. Here I put some funny information.
From Chase Manhattan Bank online department Sun Jul 9 13:06:27 2006
X-Apparently-To: alexis_wilke@yahoo.com via 206.190.39.161; Sun, 09 Jul 2006 13:06:29 -0700
X-Originating-IP: [66.35.250.206]
Return-Path: <arai@utsubo.dyndns.org>
Authentication-Results: mta135.mail.mud.yahoo.com from=chase.co; domainkeys=neutral (no sig)
Received: from 66.35.250.206 (EHLO mail.sourceforge.net) (66.35.250.206)
by mta135.mail.mud.yahoo.com with SMTP; Sun, 09 Jul 2006 13:06:28 -0700
Received: from 221x250x225x243.ap221.ftth.ucom.ne.jp ([221.250.225.243] helo=utsubo.dyndns.org)
by mail.sourceforge.net with esmtp (Exim 4.44) id 1FzfXw-0005Sy-0Y
for alexis_wilke@users.sourceforge.net; Sun, 09 Jul 2006 13:06:28 -0700
Received: by utsubo.dyndns.org (Postfix, from userid 510) id 4840F1187A6;
Mon, 10 Jul 2006 05:06:27 +0900 (JST)
To: alexis_wilke@users.sourceforge.net
Subject: Chase Online $20 Reward Survey
From: "Chase Manhattan Bank online department" <service@chase.co>
Content-Type: text/html
Message-Id: <20060709200627.4840F1187A6@utsubo.dyndns.org>
Date: Mon, 10 Jul 2006 05:06:27 +0900 (JST)
X-Spam-Score: 3.7 (+++)
X-Spam-Report: Spam Filtering performed by sourceforge.net.
See http://spamassassin.org/tag/ for more details.
Report problems to http://sf.net/tracker/?func=add&group_id=1&atid=200001
1.0 FORGED_RCVD_HELO Received: contains a forged HELO
0.1 HTML_40_50 BODY: Message is 40% to 50% HTML
0.0 HTML_MESSAGE BODY: HTML included in message
2.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.5 MIME_HEADER_CTYPE_ONLY 'Content-Type' found without required MIME headers
0.1 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
Content-Length: 965
Dear Chase Bank Customer,
CONGRATULATIONS!
You have been chosen by the Chase Manhattan Bank online department to take part in our quick and easy 5 question survey. In return we will credit $20 to your account - Just for your time! Helping us better understand how our customers feel benefits everyone.
With the information collected we can decide to direct a number of changes to improve and expand our online service.
We kindly ask you to spare two minutes of your time in taking part with this unique offer!
SERVICE: Chase Online. $20 Reward Survey EXPIRATION: July - 15 - 2006
Confirm Now your $20 Reward Survey with Chase Online. Reward services.
The information you provide us is all non-sensitive and anonymous No part of it is handed down to any third party groups. It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey.
Please do not reply to this message. For any inquiries, contact Customer Service.
Document Reference: (87051203).
Copyright 1996 - 2006 Chase Bank, N.A. Member FDIC Copyright . 2006
  |
Chase.com | Contact Us | Privacy Policy | |
|
|
|
|
|
| > Update Credit Card |
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| | © JPMorgan Chase & Co. |
