I've been bank phished (embarrassing) and now I don't know what to do
September 27, 2023 11:25 AM

I received an email that looked like it was ABSOLUTELY from my bank (Chase), and bore no marks of being fake or phishing, regarding a claim I had recently filed. Everything looked 100% legit, and I had in fact filed a claim. It took me to a *real letter about my real claim*. I called my bank a few days later and they said that the email was a phishing scam. Lots of details inside that are frankly frightening and bizarre.

First of all, anyone using Chase for banking, there is a phishing scheme out there that bears no hallmarks of being a phishing scheme. Hovering over the links revealed Chase email addresses and mobile banking links. The subject was about a real claim that I had submitted three days prior. The link, when I clicked it, took me right into my banking app to a real letter about my real claim, the details of which I confirmed with my bank over the phone, which I would have absolutely expected an email about once it was filed, and another when it was resolved.

Here's where I was stupid: the email came to an email address I don't use with my bank. It's a different email account. They shouldn't be linked in any way. I simply didn't think. So, that's seriously embarrassing, but it means that something out there has linked one of my side emails to my main email and to my banking account and knew I had filed a claim and knew the letter about it had been posted to my account.

I have no idea how they were able to find out that I had just made a claim against a charge to my banking account a few days ago, and then somehow legitimately link to a real letter that was really placed in my account dated the same day as the email arrived that pertained to the claim.

So now the question is -- how much am I compromised by clicking the link in that email? How did this work? Do I need to close my checking account, cancel the debit card I have linked to the account, and start fresh? Could these people have my social security number? What sort of damage control should I be doing now?

And how the hell did they do that?
posted by tzikeh to Computers & Internet (19 answers total) 2 users marked this as a favorite
 
Response by poster: For further detail that I was too flustered to include in the post:

I have never in my life filed a claim with a bank before two weeks ago, so an email regarding the claim I filed is not anything that would trigger alarm bells; in fact I was expecting it, which is what reinforced for me that it was legitimate.

The first email's link took me right to the notice posted in my account through my banking app. The notice is there and it's real; I confirmed it with my bank over the phone. The claim number is correct. The facts set out in the notice are correct. The email was dated the same day the notice was posted.

Seven days later, I received a follow-up email regarding the conclusion of the claim, with a link to a second notice. I clicked through and indeed there was a second notice with details about what the bank and the merchant had done, and concluding the matter. Once again, confirmed with my bank, and the email was dated the same day as the notice posted.

Do I need to go scorched earth on this (new checking account, new debit card, new credit card at that bank, contact the government, IRS, ...??) or what. How much trouble am I in?
posted by tzikeh at 11:32 AM on September 27, 2023


I called my bank a few days later and they said that the email was a phishing scam.

Why did you call your bank? Was there some problem with this claim? How well-informed did this person sound? Did you speak to someone in fraud detection, as opposed to some rando CSR?

Because...nothing is impossible in this day and age. But it seems like it would have to have a lot of contemporary internal data, to the point that I'd suspect it would have to be an inside job, and...to what end? To confirm that one email account is linked to another/a particular identity? Unless you were taking serious security measures, that's info that's probably already readily purchasable out there.

I'd probably do credit and ChexSystems freezes, because that's relatively simple and convenient to do, but otherwise just keep an eye out.
posted by praemunire at 11:35 AM on September 27, 2023 [1 favorite]


Best answer: (And, yes, unless their practice changed recently, Chase does send emails notifying you of communications to your account concerning claims...)
posted by praemunire at 11:36 AM on September 27, 2023


Best answer: TBH my first thought is that the customer service people you spoke to are wrong, and these emails genuinely came from the bank. I've encountered this a few times in the recent past, and I even posted an Ask about one of these instances. For whatever reason, sometimes the main customer service people do not know about emails sent to customers by other departments.

It's possible that you provided this email address in some random context one time by mistake to Chase, right? If you've been with them for years, or maybe talked to someone one time about something else entirely and by accident you gave them this email address? Big sprawling banks' internal processes involve so many different systems and software programs that this type of mixup would not surprise me at all.
posted by MiraK at 11:37 AM on September 27, 2023 [19 favorites]


Best answer: So, the only thing you did is clicking the link in the email? You didn't enter your login credentials or any other sensitive information anywhere? (or if you did enter your login credentials — it was definitely inside the Chase app on your phone, not a webpage?)

IF that's the case, I don't think you need to be too worried. There certainly are exploits that can be triggered simply by clicking a link, but they're more complex and rare, compared to tricking someone into typing their login info into a Google form or whatever.

There's also a fair chance that this really was a legitimate email. The fact that they linked you to a letter about your real claim makes this seem more likely to be legit. Do you still have the email? You can go back and verify whether the link was a legitimate Chase link or not. Doesn't really matter what the people on the phone told you... they are likely to just tell you everything is a phishing email out of an abundance of caution.

If I were you, I would change my online banking password, set up two-factor identification, and keep an eye on my balance for the next few months — maybe set up email notifications for all withdrawals/purchases if possible — but not take any other action.
posted by mekily at 11:46 AM on September 27, 2023 [3 favorites]


Best answer: My thought is that phishing is a numbers game, and having this level of detail on victims wouldn’t scale for scammers. And it doesn’t sound like you were asked to provide anything that would make it worthwhile.

I suspect that the only user error is that you somehow gave this email to your bank at some point, maybe through auto fill on a form? And now they’re using it. And they weren’t correct for dumb information systems reasons about the emails not being from them. Banks are both smarter and dumber than we give them credit for.
posted by chesty_a_arthur at 11:51 AM on September 27, 2023


Best answer: For whatever reason, sometimes the main customer service people do not know about emails sent to customers by other departments.

Anecdotally, I work in a customer-facing department and two days ago we told a member that an email was not from us, when it was definitely from us. We are not told of every email that's sent, and whatever email client that member was using showed the from address like this: kim@kimbusiness.com *via servername.weirdserver.com*. Weirdserver is the name of the mail server that our marketing software uses, but isn't the name of the marketing software so it looked strange to the member and to us.

I think it's a legit email and the customer service rep made the wrong call.
posted by kimberussell at 12:03 PM on September 27, 2023 [9 favorites]


Best answer: I bet Chase is wrong. I don't know how they got your other email address. Was that the email you used with a merchant? Like, this would be the worst phishing scheme ever if so.

But definitely stop beating yourself up.
posted by bluedaisy at 12:17 PM on September 27, 2023 [4 favorites]


I don't know whether this email is or isn't phishing, but to clarify a couple of things:

Sending spam emails is cheap. It's a common spammer trick to send out a zillion emails about a claim or transfer or whatever, since even if only one in ten thousand recipients happen to have just made a claim, that's still a LOT of people thinking "well it must be a real email because otherwise how would they know".

If you give your credentials to fraudsters, by logging into a fake website, they can potentially use those credentials to log themselves into the real website and access all your info. Then they can show you all your own info on the fake website. This is called a man in the middle attack.

There are ways to fake the "hover over" thing and make a link in an email look like the correct link when it is not.

For all these reasons, sensible banks never send their customers links like this in emails. They'll just say "Please log into your account" or something like that.

It's completely possible that a bank might send a link in an email anyway, because someone didn't get the memo. And as everyone else says, it's possible for the customer service team not to know about it.

But still. If you typed in your entire credentials after you clicked that link, I'd take precautions as if you were successfully phished. Better safe than sorry!

Changing the password/credentials on the account would be the first thing to do.
posted by quacks like a duck at 12:24 PM on September 27, 2023 [2 favorites]


Best answer: I work in this space and am happy to take a quick look at the email and assess it if you want to me-mail me.
posted by jferg at 12:32 PM on September 27, 2023 [10 favorites]


Response by poster: praemunire: Why did you call your bank? Was there some problem with this claim?

Ah I see I told the story out of order.

1) Got the first email, clicked through, read notice.
2) Got the second email seven days later, clicked through, read new notice.
3) Due to the nature of the claim and the actions the merchant and the bank both took, I called my bank after reading the second notice to talk to them about it, and during this discussion brought up that they were using an email I had never given them.
4) Was asked to describe the email in detail and any actions I took.
5) Was informed that this was a phishing scam they knew about and that my banking and identity info is now at risk.

MiraK: It's possible that you provided this email address in some random context one time by mistake to Chase, right?

I would never provide this email address to anyone who wasn't a paying client of my tutoring services, which is its sole purpose and use.

mekily: So, the only thing you did is clicking the link in the email? You didn't enter your login credentials or any other sensitive information anywhere?

Correct. The link took me to my banking app which has to be logged into by my thumbprint. I entered no data anywhere, not a password or any other information.

quacks like a duck: If you typed in your entire credentials after you clicked that link, I'd take precautions as if you were successfully phished. Better safe than sorry!

I entered no information anywhere at all.
posted by tzikeh at 12:33 PM on September 27, 2023


No idea how they did that, and I don't think you're stupid. There have been several data dumps in the last few years that compromised email addresses. Sorry this is happening. Things to do:

Uninstall your bank app
Clear cookies and run virus scans on your devices
Re-install your bank app
Change your passwords/PINs for bank accounts, credit cards, utilities, and so on, and email boxes
Opt for multi-step authorization wherever possible
Block senders with "Chase" like extensions in the email box Chase isn't supposed to use to contact you

I don't think you can freeze your credit, unless you're in Quebec? But monitor your credit (Borrowell, for Equifax, or direct from Equifax; and maybe Credit Karma, for Transunion). Monitor your bank accounts for unusual debits and transfers (including internally, from savings/money market/etc. to checking), names being added, and, particularly, to names being added to your approved wire transfer/EFT recipient list.
posted by Iris Gambol at 1:12 PM on September 27, 2023 [2 favorites]


Best answer: I would never provide this email address to anyone who wasn't a paying client of my tutoring services

The address is in other people's address books, then, and any one of them could have been compromised or disseminated the address, knowingly or unknowingly. So, assuming this was phishing, it's not hard to imagine how they got the address.

If you in fact received a legit email--if one of your clients has ever used a bill-paying service (at their bank or otherwise) and/or you use Zelle to accept payments, this email address could have gotten associated with your Chase account that way. Wouldn't explain why Chase emailed you at it, though. I'm assuming you've looked in your Chase account settings and the only email address listed on it is still the one you expect to be there?

I'm curious about the link. Did it take you directly to the point where it brought up the letter without further action after logging in with your thumb? Or did it take you to like a claims or documents page where you could then choose to view the letter? If it's the latter (did not load the letter automatically) and if it was phishing, it's not tough to imagine how it was done. Most apps these days have ways their developers added of deeplinking to particular screens or pages within them. These links aren't hard to figure out, and in fact are often the same URL as you would end up if you were visiting the company's website instead of the app. But since the app is installed, there's metadata in the website headers that tells your device to open their app to a particular screen instead.

I agree with others though that this doesn't really make any sense as a phishing email. First, they would be using the laws of probabilities to hit people who actually filed a claim. Fine, let's assume there's enough to matter.

Second, they're using a real link to send you to the real app. The only thing here would be if there was a redirect involved in the link (did it pop open your web browser momentarily before the Chase app appeared?) but even then, without you entering your credentials, a redirect just tells them you clicked the link. Gives them your IP address and browser info, sure, but that doesn't do much by itself. Having a redirect like that could result in a drive-by exploit, depending on your device, so I suppose there could be some value in it. But especially with mobile devices, this is less likely.

Could it be greasing the wheels for a later direct attack? Potentially. They would now know you a) probably have a claim outstanding and b) click email links, which would narrow down the pool of people they would contact with the actual attack link, although I don't see much benefit in that.

In all likelihood, Chase somehow associated the email address with your account and screwed up your setting somewhere internally and sent it to the wrong address. It's much more likely than someone playing the long con they would have to be here...unless you are a politician or other public figure who it would make sense to directly target.

Everything else said, I don't believe anything was actually compromised, and I think taking a lot of drastic steps (like changing passwords for everything in your life) is unnecessary.

And if the link actually pointed directly to the letter without you having to take any other action once you were within the app, it is either a) an internal job, in which case changing your passwords and stuff doesn't matter, and still doesn't make a lot of sense as an attack, or b) it is 100% legit. The URLs used for documents like that are not only not easily guessable, they are often essentially random for all intents and purposes. There is no way a phisher generated the exact URL to the document itself unless your bank account was already compromised, in which case it still doesn't make sense why they would send you such an email.

And finally (sorry for the terribly long post), did you receive an email at the expected email address from Chase about the second letter? If not, that would seal the deal for me that it was legit, because otherwise you should have received a notification outside of this suspected phishing one.

(and I wouldn't trust a rando CSR's answer that this is a phishing scheme they know about...phishing scheme involving fake emails saying your claim has been settled that go to a website where you put in your Chase credentials, sure. but not with this fact pattern of no apparent leak of info.)
posted by tubedogg at 1:25 PM on September 27, 2023 [4 favorites]


Response by poster: Another thing that had freaked me out was that I searched "no-reply@alertsp.chase.com" and the first few links that came up were all "this is a scam" "this is phishing" "how to protect your Chase account" etc.

BUT!

SOLVED! ALL IS WELL!

Many many many thanks to jferg, who looked at the header and html in the email, and explained to me how to tell that no, it's not a phishing email, it's absolutely from Chase, and the guy on the phone was wrong.

If you in fact received a legit email--if one of your clients has ever used a bill-paying service (at their bank or otherwise) and/or you use Zelle to accept payments, this email address could have gotten associated with your Chase account that way.

Oh my God. I bet that's what happened. UGH. Thank you.

So now the mystery of the wrong email is solved as well.

Thank you all so much for this utter waste of everyone's time.
posted by tzikeh at 2:12 PM on September 27, 2023 [38 favorites]


For the record, the crooks are getting good, and no one has given you any solid training on allllllll the ways they can try to fool you. It's asymmetric, and we are on the wrong end!

My compliments for doing as well as you did.
posted by wenestvedt at 5:35 PM on September 27, 2023 [6 favorites]


Thank you for asking about this and generating this detailed discussion. I work in banking, although I'm new to it, and this thread was informative to me. As both a customer and as a CSR, I wish it were easier to confirm that communications were legit.
posted by needs more cowbell at 4:13 AM on September 28, 2023 [6 favorites]


If you were able to bring up the message in your banking app on mobile as well as after you log into their website, then the message is legitimate.

I think the rep you talked to was a bit too eager to conclude it's a phishing email/message. While I would err on the side of caution, that's a bit too... paranoid.
posted by kschang at 4:36 AM on September 28, 2023 [2 favorites]


Thank you all so much for this utter waste of everyone's time.
This was absolutely not a waste of my time. It's quite helpful to me as someone who has a bank account and some e-mail addresses to know that this can happen, how this can happen, and how it can be resolved if it does happen.
posted by Don Pepino at 5:36 AM on September 28, 2023 [6 favorites]


Response by poster: me: Another thing that had freaked me out was that I searched "no-reply@alertsp.chase.com" and the first few links that came up were all "this is a scam" "this is phishing" "how to protect your Chase account" etc.

This Ask now comes up on the first page Google returns when searching for "no-reply@alertsp.chase.com".

🤷🏻‍♀️
posted by tzikeh at 6:35 AM on September 28, 2023 [5 favorites]

