This post contains references to products from one or more of our advertisers. We may receive compensation when you click on links to those products. For an explanation of our Advertising Policy, visit this page.

It’s one of the oldest tricks in the book — scammers send a generic email to thousands or millions of email accounts, prompting the recipient to click a link and “log in” with their account credentials. Rather than granting access to the site as expected, usernames and passwords are transmitted directly to the scammers, who can in turn use that information to access your account.

This week, a new email is making the rounds. TPG Lounge member Hannah Goh shared a message she received that appeared to be from Chase. While a close examination of the email text makes it clear that it’s not authentic, it’s easy enough to skim the message, click the link and accidentally hand over your banking credentials.

The email text begins:

“Dear Chase Customer: Just to let you know that we noticed unusual activities on your Account during our regular update today. It is either your details have been changed or incomplete…”

It goes on to prompt the recipient to “verify your details to regain access to credit or debit card.” If you click the link and enter your credentials, they’ll be instantly transmitted to the bad guys. No bueno.

As Hannah suggests in her post, you should forward any such messages to a dedicated address at your bank. I’ve rounded up some key contacts below:

  • Amex: spoof@americanexpress.com
  • Bank of America: abuse@bankofamerica.com
  • Capital One: abuse@capitalone.com
  • Chase: abuse@chase.com
  • Citi: spoof@citicorp.com

You should also forward the message to the Federal Trade Commission (FTC) spam address at spam@uce.gov, and consider sharing it in the TPG Lounge, giving your fellow points and miles enthusiasts a heads up.

If you do click a link and unintentionally transmit your credentials, be sure to change your password immediately — for that account and anywhere else you use those details online, since criminals can use your username and password to access other websites, too. This also serves as a good reminder to ensure that two-factor authentication is turned on, and to review and follow our 6 Tips for Keeping Your Credit Card Safe Online.

Featured photo by rawpixel on Unsplash

Know before you go.

News and deals straight to your inbox every day.

2018 TPG Award Winner: Mid-Tier Card of the Year
Chase Sapphire Preferred® Card

NEW INCREASED OFFER: 60,000 Points

TPG'S BONUS VALUATION*: $1,200

CARD HIGHLIGHTS: 2X points on all travel and dining, points transferrable to over a dozen travel partners

*Bonus value is an estimated value calculated by TPG and not the card issuer. View our latest valuations here.

Apply Now
More Things to Know
  • Earn 60,000 bonus points after you spend $4,000 on purchases in the first 3 months from account opening. That's $750 toward travel when you redeem through Chase Ultimate Rewards®
  • 2X points on travel and dining at restaurants worldwide & 1 point per dollar spent on all other purchases.
  • Get 25% more value when you redeem for airfare, hotels, car rentals and cruises through Chase Ultimate Rewards. For example, 60,000 points are worth $750 toward travel
Intro APR on Purchases
N/A
Regular APR
18.24% - 25.24% Variable
Annual Fee
$95
Balance Transfer Fee
Either $5 or 5% of the amount of each transfer, whichever is greater.
Recommended Credit
Excellent/Good

Editorial Disclaimer: Opinions expressed here are the author’s alone, not those of any bank, credit card issuer, airlines or hotel chain, and have not been reviewed, approved or otherwise endorsed by any of these entities.

Disclaimer: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser’s responsibility to ensure all posts and/or questions are answered.