JPMorgan Victim to Email Phishing Scam

Print
Email
Reprints
Comment
Twitter
LinkedIn
Facebook
Google+

JPMorgan customers were targeted with a phishing scam earlier this week aimed at obtaining online banking credentials.

Security researchers from the email provider Proofpoint said the "Smash and Grab" phishing campaign tries to lure individuals to click on a malicious link in an email that looks like an authentic message from JPMorgan.

Even if customers do not proceed to sign into their JPMorgan bank account, the fraudsters try to automatically install the Dyre banking Trojan on their computers to steal passwords from other institutions, Proofpoint said.

A few dozen JPMorgan customers contacted the bank on Tuesday to report the suspicious emails, said spokeswoman Trish Wexler. The bank immediately contacted its Internet service providers to stop more emails from being distributed.

"This is a very small incident," Wexler said in a phone interview. "We are not aware of any fraud occurring."

JPMorgan Chase, which is the top U.S. bank with $2.5 trillion in total assets, has more than 50 million customers. The bank believes most of the spam was eliminated by fraud filters.

Proofpoint reported that about 150,000 emails were sent on Tuesday.

This story was first reported by Reuters. Mike Horn, the vice president of threat research at Proofpoint, told Reuters that it is unusual for spammers to infect PCs with malware while trying to make customers access their bank accounts because the scam can be detected more easily.

"Usually when they do credential phishing, that is all they do. In this case, they are throwing in the kitchen sink," Horn told Reuters.

JOIN THE DISCUSSION

SEE MORE IN

RELATED TAGS

'Dodd-Frank Is Like the TSA': Comments of the Week
American Banker readers share their views on the most pressing banking topics of the week. Comments are excerpted from reader response sections of AmericanBanker.com articles and from our social media platforms.

(Image: iStock)

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments:
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Already a subscriber? Log in here
Please note you must now log in with your email address and password.