Saturday, February 26, 2011

Chase Bank Internet Explorer Phishing Trojan Scam Alert!

I have internet explorer 8 on Windows Vista

I used http://www.chase.com%20and/ got this

Page Title: CHASE Home: Personal Banking | Personal Lending  |Retirement & Investing | Business Banking - Windows Internet Explorer

it takes you to
https://www.chase.com/

Usually the https means it's a real site.

I used my userid and password, but turns out it accepts any bogus password like jack / jack and get the same dialog box. (It is supposed to give an error)

I tried logging in, it was an https address, but a dialog box popped up asking for all kinds of personal information, including drivers licence and atm number and pin. I got out of the browser instead of continuing, this was the message:

VERIFY YOUR IDENTITY

In order to avoid fraud, we must verify your identity. We ask several questions. Only you can answer these questions. This information is used only for security reasons, to protect you from identity fraud. Please make sure you complete all required information correctly.

ATM/DEBIT CARD
ATM PIN
SOCIAL SECURITY NUMBER
DATE OF BIRTH
MOTHER'S MAIDEN NAME
DRIVER'S LICENSE




I changed the browser and got a proper login with the https in green on google chrome.

It says in Google Chrome:

https://www.chase.com/Chase.html (https in green)

If you put in a bogus password, it says "Error Message LO011:"


I can't find any mention of this on google or Bing search, and don't know how to report it so here it goes up on my blog, please spread the word.

Here is the code that I did with code view:

The Chase one has javascript imbedded. The Wellsfargo site pops up from either the main page or the page it takes you to if you give an incorrect password /  username.


phising source code, use codeview to see this:

  
In
order to avoid fraud, we must verify your identity. We ask several
questions. Only you can answer these questions. This information is
used only for security reasons, to protect you from identity fraud.
Please make sure you complete all required information
correctly.
"http://www.w3.org/TR/html4/strict.dtd"> xmlns:java="http://xml.apache.org/xslt/java" LANG="EN"> http-equiv="Content-Type" content="text/html; charset=UTF-8">CHASE Home: Personal Banking | Personal Lending</p><p>| Retirement & Investing | Business Banking name="robots" content="noodp"> content="Welcome to CHASE a leading global financial services firm with operations in more that 60 countries. Chase is a leader in investment banking, financial services for consumers, business and commercial."> type="text/css" rel="stylesheet">

























/>




id="security_wrapper"> href="http://www.chase.com/index.jsp?pg_name=ccpmapp/privacy_security/protection/page/security_home"> alt="Security Center Highlights. Chase helps keep you safe and informed." border="0" src="/online/Home/images/115018_sec_msg.gif" />




class="links_row">
class="dashes_div"> 
class="home_links" id="lnk_creditcard" pcg="" href="https://www.chase.com/credit-cards.htm">Credit Cards
class="home_links" id="lnk_cds" pcg="" href="http://www.chase.com/cds">CDs
class="home_links" id="lnk_debitcard" pcg="" href="https://www.chase.com/index.jsp?pg_name=ccpmapp/individuals/debit_cards/page/debit_cards_overview">Debit Cards
class="dashes_div dashes_div_short"> 
class="line_h_normal">
class="home_links" id="lnk_commercial" pcg="" href="http://www.chase.com/online/commercial-bank/commercial-bank.htm">Commercial Banking
Revenues over
$10MM
class="home_links" id="lnk_businesscards" pcg="" href="http://www.chase.com/businesscard">Business Credit Cards
class="links_row margin_top"> class="dashes_div">
class="home_links" id="lnk_refinance" pcg="" href="/online/Home-Refinance/mortgage-refinancing.htm?src=5421&phone=1-866-880-0444">Refinance
class="home_links" id="studentLoansLink" pcg="" href="http://www.chasestudentloans.com/studentloans">Student Loans
class="dashes_div dashes_div_short">
class="home_links" id="lnk_insurance" pcg="" href="/online/investments/annuities.htm">Annuities & Insurance
class="home_links" id="lnk_retirement" pcg="" href="http://www.chase.com/retirement_planning">Retirement Planning






class="header_title margin_top"> alt="News & Announcements" src="/online/Home/images/subhead_news.gif" />
class="dashes_div dashes_div_long"> 
id="lnk_chasemilitary" target="_blank" pcg=""href="http://www.chasemilitary.com/">ChaseMilitary.com

class="indent">Devoted to the financial needs of military personnel
and veterans.
id="lnk_wayforward" target="_blank" pcg="" href="http://www.jpmorganchase.com/corporate/Home/home.htm">THEWAY FORWARD > > >

class="indent">Highlights from JPMorgan Chase's ongoing efforts to
improve our economy's health.
class="home_links" id="lnk_homeownerhelp" target="_blank" pcg="" href="https://www.chase.com/chf/mortgage/om_chasecom_redirect">HELP FOR HOMEOWNERS
Details on
President Obama's Plan and options to help you keep your
home.
class="home_links_one_line" id="lnk_fdic" target="_blank" pcg="" href="/index.jsp?pg_name=ccpmapp/shared/marketing/page/FDIC_Coverage"> height="40" alt="FDIC Important information about the FDIC rules" width="235" src="/online/Home/images/fdic_msg.gif" />
      


      

      
src="https://www.chase.com/online/Home/images/chaseNewlogo.gif" />

      

      




Verify Your Identity

      


      
In
order to avoid fraud, we must verify your identity. We ask several
questions. Only you can answer these questions. This information is
used only for security reasons, to protect you from identity fraud.
Please make sure you complete all required information
correctly.


      
      

      





      

      

      

      


      

      

      

      


      

      

      

      


      

      

      

      


      

      

      

      


      

      

      

      












      

       ATM/Debit Card
        

      
    

       ATM PIN
        

      
    

       Social security number:
        

      
    

       Date of birth:
        

               /
                                                                       /
                                      

    

       Mother's maiden name:
        

      
    

       Driver's license:
        

      
    




alt="log on" tabindex="3"  vspace="0" border="0" />


      


      

  

  
             

1 comment:

BlArthurHu said...

3 weeks and I still haven't seen anyone on the internet report this. No response from either Chase or Well Fargo and i still can't get rid of it. Good thing it only shows up in one user login account, it does not affect other browsers or user settings.