Researchers at Armorblox have discovered two new phishing scams seeking to trick customers of JPMorgan Chase Bank into submitting login credentials. Both of the identified scams utilize social engineering and brand impersonation tactics to deceive targets into believing the messages are legitimate. One scam involved email notifications that appeared to contain fake credit card statements while the other impersonated a locked account workflow to scare victims into thinking their account had been blocked due to unusual login activity.
Both of the scams ask users to log into their Chase Bank accounts, then harvesting the inputted credentials. According to Armorblox, the first scam was able to bypass scam filtering because Microsoft determined that the email originated from a safe sender or was from an email source server on the IP Allow list, making the campaign particularly harmful. Victims who opened malicious links inserted in the emails would be transferred to a web page mimicking the Chase login portal and prompted to enter their banking account credentials.
Read More: Threat Actors Impersonate Chase Bank