Phishing origination against Chase

This mail stream has been observed from

23.239.14.80
45.79.121.74
80.85.85.10
139.162.133.29
139.162.152.63
172.104.63.80
172.105.20.48
172.105.221.177
192.81.134.243

today. Including only one sample, the rest are identical except for the sending IP.

Return-Path: <support@wordpress-683919-2253622.cloudwaysapps.com>
Received: from 683919.cloudwaysapps.com (172-105-221-177.ip.linodeusercontent.com [172.105.221.177])
by x (Postfix) with ESMTP id x
for <x>; Sat, 6 Nov 2021 ##:##:## +0100 (CET)
Received: by 683919.cloudwaysapps.com (Postfix, from userid 1004)
id x Sat, 6 Nov 2021 ##:##:## +0000 (UTC)
To: x
Subject: Recently, we discovered unusual activities ?
Date: Sat, 6 Nov 2021 ##:##:## +0000
From: Support Chase <support@wordpress-683919-2253622.cloudwaysapps.com>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=»b1_x»
Content-Transfer-Encoding: 8bit
Message-ID: <x@wordpress-683919-2253622.cloudwaysapps.com>

Dear Customer:
Recently, we discovered unusual activities on your account that we believe may be unauthorized. For your protection, we have temporarily suspended use of this account until you verify the activity; you will not be able to use your Debit Card linked to this account for withdrawals or purchases.
What you need to do?
Please contact us as soon as possible to confirm your recent activity or to let us know if you think this account was used without your permission.

In person: Visit any chase branch and speak to a banker. To find a branch near you, visit us online.
Online: Go to Review and verify account activities to continue using your account .

Thank you,
chase online
Customer Fraud Protection Services

Опубликовано
В рубрике linode.com

Добавить комментарий

Ваш адрес email не будет опубликован.