New Phishing Scam!!!

[Ringel05]

Heads up!!! New phishing e-mail scam that targets those with (and without) PayPal accounts.
It looks like a PayPal e-mail, it tells you your account may have been accessed by a third party and it asks you to click on the link provided to check on your account. Obviously DON'T do it.
My wife received this e-mail and she doesn't even have an account with PayPal.

 

[Oddball]

I get those all the time in my hotmail box.

Don't have a Payapl account...nor one at Bank of America...nor a Chase credit card...

 

[Ropey]

Heads up!!! New phishing e-mail scam that targets those with (and without) PayPal accounts.
It looks like a PayPal e-mail, it tells you your account may have been accessed by a third party and it asks you to click on the link provided to check on your account. Obviously DON'T do it.
My wife received this e-mail and she doesn't even have an account with PayPal.

I never click on links inside of email. I copy the link, open up an new instance of a secure browser and paste the link.

This is the safest method that I know of to bypass an e-mail phish using link execution. If it is simply a phish site then if you hover your mouse on the link and look at the status bar, you can check the address to be sure you are being directed to the correct site (if you know the sites true address).

I always look at the addresses.

 

[iamwhatiseem]

New??
This has been around for at least 10 years.

 

[Ringel05]

Heads up!!! New phishing e-mail scam that targets those with (and without) PayPal accounts.
It looks like a PayPal e-mail, it tells you your account may have been accessed by a third party and it asks you to click on the link provided to check on your account. Obviously DON'T do it.
My wife received this e-mail and she doesn't even have an account with PayPal.

I never click on links inside of email. I copy the link, open up an new instance of a secure browser and paste the link.

This is the safest method that I know of to bypass an e-mail phish. Also, if you hover your mouse on the link and look at the status bar, you can check the address to be sure you are being directed to the correct site (if you know the sites true address).

I always look at the addresses.

Yeah. Thankfully my wife waited till I got home and didn't do anything with it. I just created a "trash it" rule and deleted it.

 

[Ringel05]

New??
This has been around for at least 10 years.

Shoot me, I oopsed and used the word new. I also realized it afterwards and figured someone would jump on it....... I was right.......

 

[Ropey]

New or not phishing is a danger and it's always a good thing to post its danger and useful methods to interdict the phish.

 

[charley999]

The first thing to do is look for your name in the Email. Any legitimate entity will address you by name and with identification.

If I don't get a couple of these a day, I think I'm losing my touch. This very day I got a good looking one from Chase, and to top it off I HAVE two credit cards from Chase. It says Dear Chase Cardholder....

 

[waltky]

Granny don't keep her money inna bank - she hides it in... aw, thought ya was gonna trick me into tellin' ya...

Chase Bank Customers Targeted by Massive Phishing Attack
August 27, 2014 — A new trend in cyber attacks may be unfolding: the "smash and grab" campaign. One such attack recently targeted a massive number of JPMorgan Chase customers on August 19. While most phishing perpetrators attempt to disguise their efforts and extend the shelf life of their attacks, this exploit was fearless – disregarding stealth measures and launching a multi-pronged attack that wasn't concerned about the threat of detection.

The FBI is looking into cyber attacks on U.S. banks, reportedly as possible cases of Russian retaliation for U.S.-backed sanctions enacted over the crisis in Ukraine. According to Bloomberg, investigators are considering the possibility that recent hacking of JPMorgan is connected to a series of data breaches at European banks. These infiltrations are said to have exploited "a similar vulnerability," and required enough technical expertise to raise the possibility of government involvement. The timing has also raised suspicions: since Vladimir Putin's government became heavily involved in Ukraine's civil conflict, there has been a reported increase in cyber attacks on U.S. banks launched from Russia and Eastern Europe.

Researchers at Proofpoint, a data security firm, discovered the large-scale phishing attack on JPMorgan accounts, which apparently originated in Moscow. Proofpoint saw 150,000 emails in its system alone on the first day of the attack. Other email systems have not reported numbers affected.

The attack begins with a typical ploy: an email urging you to click to view a secure message. The graphics are clean and believable, with the JPMorgan logo and none of the common typos and clunky language found in many phishing efforts.

MORE