Date: Wed, 10 Oct 2012 11:48:49 -0300
From: "Chase.com" [noreply@sprint.com]
Subject: Chase: your credit cars account
This is an Alert to help you manage your credit card account.
As you requested, we are notifying you of any charges over the amount of ($USD) 200.00, as specified in your Alert settings. A charge of ($USD) 233.30 at Apple Store has been authorized on Wed, 10 Oct 2012 11:48:49 -0300.
Do not reply to this Alert.
If you have questions, please call the number on the back of your credit card, or send a secure message from your Inbox on www.Chase.com/secure_m/id=34F4A5C
To see all of the Alerts available to you, or to manage your Alert settings, please log on to www.Chase.com.
The malicious payload is at [donotclick]3.azwap.de/links/assure_numb_engineers.php hosted on 69.194.194.229 (Solar VPS, US)
Another sample email:
This is an Alert to help you manage your credit card account.
As you requested, we are notifying you of any charges over the amount of ($USD) 200.00, as specified in your Alert settings. A charge of ($USD) 669.84 at eStore has been authorized on Wed, 10 Oct 2012 11:31:42 -0400.
Do not reply to this Alert.
If you have questions, please call the number on the back of your credit card, or send a secure message from your Inbox on www.Chase.com/customer_login/u=83669F
To see all of the Alerts available to you, or to manage your Alert settings, please log on to www.Chase.com.
I got it too and the email itself looks very legitimate... I can't imagine how many people are going to click on that link.
ReplyDeleteHope the sender(s) can be caught/prosecuted for such acts.