English

Chase Credit Card ‘Thank-You For Scheduling Payment’ Malware Email

April 6, 20190

Outline

Email purporting to be from Chase Credit Cards thanks you for scheduling a recent payment ‘as an attachment’ and claims that the payment will be credited to your account.  




Brief Analysis

Although it is designed to look like an authentic banking notification, the email is not from Chase. The attached .zip file harbours a trojan that can connect to remote servers operated by cybercriminals and download and install further malware. If you receive one of these emails, do not open any attachments or click any links that it contains.

Example

Subject: Thank you for scheduling your online payment

Dear

Thank you for scheduling your recent credit card payment as an attachment. Your payment in the amount of 3898.96 will be credited to your credit card account (CREDIT CARD) ending in 0542 on 04/07/2015.

Now that you’re making your payment online, are you aware of all the convenient ways you can manage your account online?

See statements – Choose to stop receiving paper statements, and see up to six years of your statements online.
See automatic payments – Set up monthly payments to be made automatically.
Transfer a balance – Transfer a balance to your credit card account.
Go to Personalized Alerts – Schedule Alerts to remind you of key account activity.

You can also see past payments you’ve made online by logging on to www.chase.com/creditcards and clicking “See/cancel payments” under “I’d like to …”

If you have questions, please call the Customer Service number on the back of your credit card.

Thanks again for using online payments.

Sincerely,
Cardmember Services

Chase Bank Credit Card Malware Message

 

Detailed Analysis

This email, which purports to be from credit card services at Chase bank, thanks you for scheduling a recent credit card payment ‘as an attachment’. It claims that 3898.96 will be credited to your credit card account as a result.

The email features the Chase logo and colour scheme and includes several links that open the genuine Chase website.  



It also includes an attached .zip file that contains the word ‘payment’ along with a string of letters and numbers. However, the email is certainly not from Chase.

At first take, the message may seem like a  typical phishing scam  designed to trick you into supplying personal and financial information.

However, this attack has a different purpose. The attached file contains a trojan. Once installed, this trojan can connect to remote servers controlled by criminals and then download further malware. This malware may steal sensitive information from the infected computer and allow criminals to control the computer for their own nefarious ends.

As  malware messages  go, this example is quite sophisticated. The message may look like a genuine Chase notification. And, because links in the message lead to the genuine Chase website, recipients may be more inclined to open the attached file.

Details in the messages may vary. If you receive one of these emails, do not open any attachments that it contains and do not click any links.









Original Source : https://www.hoax-slayer.net/chase-credit-card-thank-you-for-scheduling-payment-malware-email/