Certified Forensic Loan Auditors, LLC

  Upcoming Classes

Search CFLA's Article Archive:

If You Use Chase Bank, Watch Out For Email Scams Right Now

dealbook.nytimes.com | October 5, 2014

By Gerry Smith

After disclosing that an attack on its computer system compromised the accounts of more than half of all U.S. households, the nation's biggest bank is trying to put customers' worries at ease.

No money or Social Security numbers were stolen in the attack, and the bank hasn't seen "any unusual customer fraud," JPMorgan said Thursday in a regulatory filing.

But the information that was compromised -- client names, addresses, phone numbers and email addresses -- could still put customers at risk of identity theft, security experts say.

Hackers often use such information for so-called phishing attacks, in which fraudulent emails are sent to intended victims that appear to come from bank representatives. JPMorgan customers were targeted by such an attack as recently as August, when hackers sent bogus emails that prompted them to enter their account credentials and attempted to download malicious software onto their computers.

It's unclear whether that scam is related to the JPMorgan attack, which started in June and was detected in July. But security experts said the information stolen in the breach could be valuable to thieves who want to trick victims into handing over account information.

The accessed information could allow hackers to tailor their email attacks more precisely. The hackers got ahold of internal bank information about whether customers were clients of Chase's mortgage, credit card or auto loan divisions, Chase spokeswoman Kristin Lemkau.

"If hackers know that all of these email addresses belong to Chase customers, they can take advantage of that," said Chester Wisniewski, a researcher at the security firm Sophos.

Stolen email addresses, he said, "can and will lead to identity theft."

Lemkau said that email phishing attacks are "the biggest risk" for customers affected by the breach, which includes anyone who has used one of Chase's websites or mobile apps.

The bank's website urged customers to be cautious of any communications that ask for their personal information.

"Don't click on links or download attachments in emails from unknown senders or other suspicious email," the bank's website said. "We will never ask you to enter your personal information in an email or text message."

Lemkau said customers don't need new debit or credit cards and don't need to change their passwords, because that information was not compromised. The bank said it is continuing to investigate the breach, and that customers should watch their accounts, as customers will not be liable for fraudulent transactions if they alert the bank promptly.

The JPMorgan breach is just the latest in a string of cyberattacks against major corporations that have exposed the personal information of millions of people. Last month, Home Depot said about 56 million customer debit and credit cards were put at risk after hackers broke into the company's payment systems. A cyberattack against Target last year compromised the credit card information of 40 million customers.

But Wisniewski said the JPMorgan attack is still more troubling. That hackers could find a way into Wall Street's computer networks -- which are among the most secure networks in the American economy -- shows how sophisticated they have become, he said.

"The financial sector should be very concerned," Wisniewski said.


Back to October 2014 Archive

CFLA was founded by the Nation's Leading Foreclosure Defense Attorneys back in 2007 to serve the Foreclosure Defense Industry and fight pervasive Bank Fraud. Since opening our virtual doors, CFLA has rapidly expanded to become the premier online legal destination for small businesses and consumers. But as the company continues to grow, we're careful to hold true to our original vision. For us, putting the law within reach of millions of people is more than just a novel idea—it's the founding principle, just ask Andrew P. Lehman, J.D.. With convenient locations in Houston and Los Angeles, you can contact Our National Account Specialist and General Manager / Member Damion W. Emholtz at 888-758-2352 for a free Mortgage Fraud Analysis or to obtain samples of work product, including cutting edge Bloomberg Securitization Audits, Litigation Support, Quiet Title Packages, and for more information about our Nationally Accredited and U.S. Department of Education Approved "Mortgage Securitization Analyst Training Certification" Classes (3 days) 24 hours for approved CLE & MCLE Credit (Now Available Online).

SEE BELOW- http://www.certifiedforensicloanauditors.com

Call us toll free at 888-758-2352

Bookmark and Share
Facebook Like us on Facebook
Twitter Follow us on Twitter
YouTube View our YouTube Videos
LinkedIn Connect to us on Linkedin
BBB Logo


Contact us or view our Sample Documents & Audits by completing the form below.

International Bloomberg Securitization Audits


DVD Sets Only $99


FREE Mortgage Fraud Analysis


Order Cutting-Edge Services Now


Quiet Title Packages from Licensed Attorneys


Affiliate Services


CFLA Sponsored Attorney Links


Take-Home Education Package