Chase Bank Customers Targeted Via Texting

Smishing Attack is New Variation of Classic Fraud
Chase Bank Customers Targeted Via Texting
Chase Bank customers in the New York metro area have been receiving bogus text messages claiming to be from the bank, asking for account information. A local New York television station reported the phishing attack last week, claiming that "tens of millions of dollars" have already been stolen by fraudsters.

Chase media relations spokesman Tom Kelly downplays the report, saying, "As you might expect, TV is a little breathless on an issue that has been around via email and now texts for a number of years." Kelly says this attack is a variation of phishing known as "smishing." He says the amount of money taken in the attacks or the number of customers receiving the text messages is unknown.

"There was a recent flurry in the New York area, and it affected more than just Chase," Kelly says. "[The fraudsters'] strategy seems to be to send the texts randomly, using the name of large banks in the market, assuming that they will reach a fair number of customers of each bank by sheer market share."

Kelly says Chase works with telephone companies to shut down the toll-free numbers "as soon as we learn of them." He adds that the bank encourages customers to send the bank the phony emails or text messages.

When asked if Chase will replace any money taken as a result of the smishing attacks, Kelly says, "It depends, although customers who share their account information and PIN are making their accounts vulnerable."

As for any perceived negative response from customers about the use of texting to check on their accounts, Kelly says Chase doesn't expect the recent flurry of attacks to have any impact. "Most consumers know from phishing and common sense not to volunteer information like account numbers or PINs in response to emails or texts."


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network