Press Releases

Browse our press release archive

14 Mar 2006

Bogus Chase Manhattan survey aims to phish money from online bankers

"In return we will credit $20 to your account", claims email

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned of an email scam that poses as a survey from Chase Manhattan bank.

The emails claim that Chase Manhattan's online division is conducting a survey of its users, and will credit $20 to the accounts of those who take part. However, in reality the emails do not come from the bank but point to a bogus website which attempts to steal usernames, passwords and other confidential information from unwary surfers.

The scam claims to be a survey offering a cash reward from the Chase Manhattan bank

The scam claims to be a survey offering a cash reward from the Chase Manhattan bank.

"Email scammers are looking for new ways to fleece the unwary, and this time have come up with a new twist: asking people to help in a survey for a cash reward," said Graham Cluley, senior technology consultant for Sophos. "Internet users who bank online need to be wary of these kinds of tricks, and be extremely careful about what websites they hand their personal information over to before they end up penniless."

Sophos researchers believe that the emails are a variant of the commonly-encountered "Letter from Nigeria" scams, also known as 419 Advanced Fee Fraud, that fool innocent users into believing that a large amount of money will be transferred into their bank account, but are really designed to steal information about the user's identity and bank account, or demand a "handling fee" for the money transfer.

"It's important to realise that Chase Manhattan have done nothing wrong. Scammers are posing as the well known bank because Chase Manhattan is an established and well-trusted name, and they hope it will encourage victims to hand over their credentials," continued Cluley.

Sophos reminds users to be wary of unsolicited emails, and has published information about how individuals can learn how to protect themselves against this and other phishing attacks.

Organizations concerned about being fraudulently represented in phishing campaigns can sign up to the Sophos early warning system, Sophos PhishAlert.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.