Sponsored by..

Wednesday 10 October 2012

Chase credit cards spam / 3.azwap.de

This fake Chase spam leads to malware on 3.azwap.de:

Date:      Wed, 10 Oct 2012 11:48:49 -0300
From:      "Chase.com" [noreply@sprint.com]
Subject:      Chase: your credit cars account

This is an Alert to help you manage your credit card account.


As you requested, we are notifying you of any charges over the amount of ($USD) 200.00, as specified in your Alert settings. A charge of ($USD) 233.30 at Apple Store has been authorized on Wed, 10 Oct 2012 11:48:49 -0300.


Do not reply to this Alert.


If you have questions, please call the number on the back of your credit card, or send a secure message from your Inbox on www.Chase.com/secure_m/id=34F4A5C



To see all of the Alerts available to you, or to manage your Alert settings, please log on to www.Chase.com.

The malicious payload is at [donotclick]3.azwap.de/links/assure_numb_engineers.php hosted on 69.194.194.229 (Solar VPS, US)

Another sample email:

 This is an Alert to help you manage your credit card account.

As you requested, we are notifying you of any charges over the amount of ($USD) 200.00, as specified in your Alert settings. A charge of ($USD) 669.84 at eStore has been authorized on Wed, 10 Oct 2012 11:31:42 -0400.

Do not reply to this Alert.

If you have questions, please call the number on the back of your credit card, or send a secure message from your Inbox on www.Chase.com/customer_login/u=83669F

To see all of the Alerts available to you, or to manage your Alert settings, please log on to www.Chase.com.


1 comment:

CoryH said...

I got it too and the email itself looks very legitimate... I can't imagine how many people are going to click on that link.

Hope the sender(s) can be caught/prosecuted for such acts.