Armed Polite Society

Main Forums => The Roundtable => Topic started by: 280plus on April 03, 2006, 03:38:06 PM

Title: Yet another Email scam
Post by: 280plus on April 03, 2006, 03:38:06 PM

The EBAY scam thread reminded me. I got an email today supposedly from somewhere Africa and the guy says he wants to check on price and availability on some SOLAR PANELS. I ALMOST went for it but not quite. First off, I HAVE NO solar panels for sale. I hit the old spam button on that one. I wish I had copied and saved it for youse though.

Title: Yet another Email scam
Post by: K Frame on April 03, 2006, 03:52:56 PM

I got a phishing scam today from a site purporting to be Chase Online Banking.

I have a credit card with Chase, but not OLB.

Title: Yet another Email scam
Post by: mtnbkr on April 03, 2006, 04:01:08 PM

I've been getting a lot of Chase related spam lately.  I have a chase card, but it hasn't seen any action in years.  I'm not even sure they have my current email address.  The link takes you to something like chasebanking..com.  Definately not a chase site...

Chris

Title: Yet another Email scam
Post by: Phantom Warrior on April 03, 2006, 07:53:52 PM

mtnbkr has a good point.  If you go the the link and your Address Bar says something like "www.cheapclickpoints.com/ebay.html" or "125.34.2.78/ebay.html" instead of "www.ebay.com" that's a big tip off.

Title: Yet another Email scam
Post by: Sylvilagus Aquaticus on April 03, 2006, 08:42:34 PM

I've been getting the Chase Bank phishing scam for a couple of months now.  The guys at spoof@chase.comand i are on a first-name basis now.

Any time I get one, I report the frazzlin' thing...Paypal, Wells Fargo, Chase.

Regards,
Rabbit.

Title: Yet another Email scam
Post by: K Frame on April 04, 2006, 04:41:43 AM

This Chase spoof was actually better than most. The URL resolved to something very similar to a Chase address, to the point where it looked like an alternate Chase server, but the wording in the e-mail was very suspicious.

The grammar was pretty much fine, but the construction was such that it was pretty easy to tell that the writer had been formally taught English, but had never really used it conversationally before.

That, and I sincerely doubt if Chase is going to miss capitalizing its own name.

Title: Yet another Email scam
Post by: K Frame on April 04, 2006, 04:46:51 AM

Hey, I still had it in my trash folder...

Here's the text. I've bolded the suspect text...



"Dear member,

You have received this email because we have strong reason to believe that your chase account had been recently compromised. In order to prevent any fraudulent activity from occurring we are required to open an investigation into this matter.

If your account informations are not updated within the next 72 hours, then we will assume this account is fraudulent and will be suspended. We apologize for this inconvenience, but the purpose of this verification is to ensure that your chase account has not been fraudulently used and to combat fraud.

Please login into your Chase Online account and complete verification process

We apologize in advance for any inconvenience this may cause you and we would like to thank you for your cooperation as we review this matter.
Note: Chase will never ask your ATM pin number.

Regards,
Chase Online Personal Banking."


The address that it resolved to is:

www.arch.columbia.edu/.www.chase.com/chase/index.htm

Title: Yet another Email scam
Post by: mtnbkr on April 04, 2006, 05:36:14 AM

That's basically what I received.  I normally don't even open them since most CC companies call or write (snailmail) if there are real issues.  However, I was curious since it was so well crafted.  

To my knowledge, no company dealing with sensitive customer info uses third party domains when processing your data.  If a "Chase" link doesn't go to .Chase.com or a variation of that (such as chasebank.com), it's immediately suspect.  The .com is the "root" of a company's domain, any subsystems are going to be <sub>.chase.com, for example.  Not the other way around...

Mike, that resolves to Columbia Univ, I'd forward it to their IT dept.  

The ones I got were to some offshore server, not worth following up...

Chris</sub>

Title: Yet another Email scam
Post by: K Frame on April 04, 2006, 06:09:10 AM

Chris,

I tried to figure out how to forward it to their IT department, but there doesn't seem to be anything on their website saying how to contact them.

Title: Yet another Email scam
Post by: Phantom Warrior on April 04, 2006, 07:33:38 AM

I managed to track down an on-line comment form here on Columbia's website.  It's a little odd because it's meant for people that can't log in.  In typical college fashion, their complaint system is meant for students to log in to with their network ID and password.  I couldn't find a specific e-mail address for complaints.  This is probably your best bet.

Title: Yet another Email scam
Post by: K Frame on April 04, 2006, 07:48:17 AM

I found the e-mail address for the IT System Administrator, so I forwarded it to him.