Saturday, February 4, 2017

URGENT: Confirmation Of Your Online Banking. (JPMorgan Phishing attempt)

Dear Chase Online(SM) Customer,

As part of our commitment to help keep your account secure, we have detected an irregular activity on your account and we are placing a hold on your account for your protection. Please click on the following link and follow the instructions for proper verification.

CLICK HERE

NB: If this important message seems to be spam/junk please move to inbox to enable you click on the link above, We are here to assist you anytime. Your account security is our priority. Thank you for choosing Chase.

Sincerely,
Chase Fraud Department

Copyright © 2016 Chase Online. All rights reserved
JPMorgan Chase & Co.

Email analysis :

NOTE : info@onlinebanking.com
NOTE : bblazzard@lusd.k12.ca.us
NOTE : Received : from onlinebanking.com (unknown [68.65.134.234])


Phishing analysis :

CLICK : CLICK HERE
OPEN : http://mobwarsdoa.com/banking/chaseonline/Logon.php?LOB=RBGLogon&_pageLabel=page_logonform

Saturday, February 27, 2016

FUND TRANSFER

From The Desk Of JPMorgan Chase Bank US,
214 Broadway, New York,
NY 10038, United States.
Unclaimed Asset/Assets Re-united,
USA International Remittance Department
Our Website: www.jpmorganchase.com
Tel: (646) 801-9453
E-mail: info.jpmorgancbank@gmail.com
==============================

Attn: Beneficiary,

This is to inform you that a compensation payment in the amount of US$10,700,000.00, (Ten Million Seven Hundred Thousand United State Dollars) was legally approved and deposited few days ago with our Bank,JpMorgan Chase Bank Branch Office here in 214 Broadway 10038, New York U.S, and it was deposited in your name by the foreign debts settlement/compensation committee of the Executive Directors Of World Bank Group in conjunction with the European Union Board Of Director, and they instructed us to credit this fund direct to your private bank account with immediate effect, Meanwhile, the good news about your fund now is that your compensation payment file with some of the legal documents backing this fund has been forwarded to the US Department of State and the United Nation for final approval and we shall proceed with the transfer immediately we hear from you because we were mandated to transfer this fund to you as one of the beneficiary whose name is listed in the World Bank foreign debts settlement.
However, Please note that JpMorgan Chase Bank have decided and agreed together to send this payment to you by either bank wire transfer or by online bank transfer services depending the option you would prefer to receive this fund for security purpose, so you are therefore advised to quickly get back to the management of this bank and let us know the option you choose to have your fund credited into your account to enable us proceed with the claim process of your fund.

We wait your immediate response with your information below to enable this bank proceed immediately with the transfer of your fund as we were directed. Here are the information we require from you.

Full Name....................
Home Address.................
Age/Occupation..............
Valid Phone number............
Country/State........
Any Of Your Identity Card........

Kindly get back to us by reconfirming your full information.
Thank you, God Bless America.
Mr. Donald Johnson,
Director Of Foreign Remittance Department.

JPMORGAN CHASE BANK & CO.

Email analysis :

NOTE : info.jpmorgancbank@gmail.com
NOTE : info.jpmorganchasebank@gmail.com

Monday, March 23, 2015

JP Morgan Access Secure Message (Virus)

Please check attached file(s) for your latest account documents regarding your online account.

Alex Puckett
Level III Account Management Officer
817-283-1539 office
817-878-6079 cell Alex.Puckett@jpmorgan.com
Investments in securities and insurance products are:
NOT FDIC-INSURED/NO BANK-GUARANTEES/MAY LOSE VALUE
2015 JPMorgan Chase & Co.

CONFIDENTIAL NOTICE: The contents of this message, including any attachments, are confidential and are intended solely for the use of the person or entity to whom the message was addressed. If you are not the intended recipient of this message, please be advised that any dissemination, distribution, or use of the contents of this message is strictly prohibited. If you received this message in error, please notify the sender. Please also permanently delete all copies of the original message and any attached documentation. Thank you.

JP Morgan Access - Secure.zip

Email analysis :

NOTE : service@jpmorgan.com
NOTE : tenqvist@cc.oulu.fi
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Received : from 108-84-212-41.lightspeed.hstntx.sbcglobal.net (108.84.212.41)


Virus analysis :

OPEN : JP Morgan Access - Secure.zip
RESULT : JP Morgan Access - Secure.zip is a VIRUS

ALYac : Trojan.GenericKD.2234787
AVG : FakeAlert
AVware : Win32.Malware!Drop
Ad-Aware : Trojan.GenericKD.2234787
Antiy-AVL : Trojan[Downloader]/Win32.Upatre
Avast : Win32:Trojan-gen
Avira : TR/Crypt.Xpack.166918
Baidu-International : Trojan.Win32.Upatre.vlt
BitDefender : Trojan.GenericKD.2234787
CAT-QuickHeal : TrojanDownloader.Upatre.r4
ClamAV : Win.Trojan.Upatre-582
Comodo : UnclassifiedMalware
Cyren : W32/Trojan.ZDMF-2227
DrWeb : Trojan.DownLoad3.35985
ESET-NOD32 : Win32/TrojanDownloader.Waski.F
Emsisoft : Trojan.GenericKD.2234787 (B)
F-Secure : Trojan-Downloader:W32/Dalexis.B
Fortinet : W32/UPATRE.F!tr
GData : Trojan.GenericKD.2234787
Ikarus : Trojan-Downloader.Win32.Upatre
K7AntiVirus : Trojan ( 7000000c1 )
K7GW : Trojan ( 7000000c1 )
Kaspersky : Trojan-Downloader.Win32.Upatre.vlt
Malwarebytes : Trojan.Upatre
McAfee : Upatre-FAAR!05E6E33D4259
McAfee-GW-Edition : Upatre-FAAR!05E6E33D4259
MicroWorld-eScan : Trojan.GenericKD.2234787
Microsoft : TrojanDownloader:Win32/Upatre.AZ
NANO-Antivirus : Trojan.Win32.Upatre.dpimul
Norman : Upatre.FT
Qihoo-360 : HEUR/QVM19.1.Malware.Gen
Sophos : Troj/Upatre-JB
Symantec : Downloader.Upatre
Tencent : Win32.Trojan-downloader.Upatre.Fhz
TrendMicro : TROJ_UPATRE.SMNC
TrendMicro-HouseCall : Suspicious_GEN.F47V0320
VIPRE : Win32.Malware!Drop
ViRobot : Trojan.Win32.A.Downloader.28928.D[h]
nProtect : Trojan.Upatre.Gen.2