A new “phishing” scam designed to steal customers’ credit, ATM or debit card and online banking information has been identified by bank officials.

“It has been reported that some customers are getting an e-mail with the Chase name and logo telling them to go to Chase.com to update their card information, but the link provided takes them to a different site,” said Nancy Kissinger, president of Chase in Beckley. “This scam e-mail mimics Chase’s security alert messages.”

Kissinger is warning customers to beware of such scams and to remember that banks never send e-mails asking for personal information.

“We would never ask for your Social Security number,” she said. “You should never give out your Social Security number.”

The scam tells those who open the e-mail, “Your online credit card account has high-risk activity status.”

The e-mail goes on to say that bank officials are contacting customers to remind them that the bank’s account review team identified some unusual activity with their bank account.

The scam encourages Chase customers to log on to a link provided in the e-mail to restore their online account, which they say has been limited and faces possible closure. The e-mail goes on to say that the notification is part of a program the customer enrolled in to receive an activity report online.

“If customers get one of these e-mails, they should just delete it,” Kissinger said.

If a customer provided any personal information, such as a credit card number, personal identification number (PIN) or Social Security number, it may be necessary to close their accounts and reopen them with new account numbers.

“Customers should contact the Internet Service Center (ISC), especially if customers gave out their user ID and password,” Kissinger said. “The ISC can immediately block online access and get a new user ID and password set up.”

For Chase.com customers, call 877-242-7372. For BankOne.com customers, call 800-482-3675.

“If customers also provided their Social Security number, we suggest they call the Social Security Fraud Hotline at 800-269-0271,” Kissinger said. “They should also contact one of the major three credit bureaus — TransUnion, Experian and Equifax — to place a fraud alert.”

Kissinger said Internet fraud and e-mail scams are on the rise.

“This has become a big problem all over the country for many banks,” she said. “This is something we are seeing in the news on almost a daily basis now.”

A recent report by a coalition of consumer groups, technology vendors, financial services organizations and law enforcement agencies is calling on companies that do business on the Internet to step up their consumer education efforts.

Internet service providers and e-commerce sites can employ more tools to combat phishing scams, including “whitelists” of legitimate Web sites and using false identification information to scam the scammers, according to the 57-page report released Thursday, which was published by the National Consumers League.

Among the more novel techniques recommended by the group was for Internet companies and law enforcement agencies to enter false information, such as bogus credit card numbers, into phishing Web sites, allowing police to find phishing scammers by tracking the use of those false numbers.

“This type of disinformation done by the good guys can be used to track the bad guys,” said Peter Swire, a law professor at Ohio State University and collaborator on the report, titled “A Call for Action.”

The report also calls on technology companies to build anti-phishing security into products and for ISPs and domain name registrars to explore using both white lists and black lists to separate legitimate Web sites from phishing sites. An industry black list of known phishing sites could help ISPs flag or recall phishing e-mail messages before the recipient opens the e-mail, Swire said. The average piece of e-mail sits in an inbox for about 12 hours before a recipient opens it, he said.

In a typical phishing scam, a scammer sends out spam telling recipients to update their personal information at a banking or e-commerce Web site. The e-mail includes a link to a fake Web site designed to look like a real bank or e-commerce site, and Internet users who enter their personal information become victims of identity theft.

About 2.2 million Internet users become victims of ID theft every year through phishing scams, according to previously published reports.

The report also recommends that Internet companies study phishing scams to learn how phishers operate, and calls for better authentication technologies for both Web sites and users.

— E-mail:


React to this story:


Trending Video