Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of an email scam that poses as a survey from Chase Manhattan bank.
The emails claim that Chase Manhattan's online division is conducting a survey of its users, and will credit $20 to the accounts of those who take part. However, in reality the emails do not come from the bank but point to a bogus website which attempts to steal usernames, passwords and other confidential information from unwary surfers.
The scam claims to be a survey offering a cash reward from the Chase Manhattan bank.
"Email scammers are looking for new ways to fleece the unwary, and this time have come up with a new twist: asking people to help in a survey for a cash reward," said Graham Cluley, senior technology consultant for Sophos. "Internet users who bank online need to be wary of these kinds of tricks, and be extremely careful about what websites they hand their personal information over to before they end up penniless."
Sophos researchers believe that the emails are a variant of the commonly-encountered "Letter from Nigeria" scams, also known as 419 Advanced Fee Fraud, that fool innocent users into believing that a large amount of money will be transferred into their bank account, but are really designed to steal information about the user's identity and bank account, or demand a "handling fee" for the money transfer.
"It's important to realise that Chase Manhattan have done nothing wrong. Scammers are posing as the well known bank because Chase Manhattan is an established and well-trusted name, and they hope it will encourage victims to hand over their credentials," continued Cluley.
Sophos reminds users to be wary of unsolicited emails, and has published information about how individuals can learn how to protect themselves against this and other phishing attacks.
Organizations concerned about being fraudulently represented in phishing campaigns can sign up to the Sophos early warning system, Sophos PhishAlert.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.