Anatomy of a PHISH.

Anatomy of a PHISH

In these uncertain times, we must all be vigilant. Moments ago I received this text message from something purporting to be “Chase”.

ARROW 1: The first things that stood out was the the url www[.]mobile05-chase[.]net

This is a fragmented URL, which means they are hoping you focus on the last bit chase dot net and assume its real, in hopes you enter your credentials for them to harvest.

ARROW 2 above shows the actual URL which of course is not chase.com.

Here you are asked to enter your Username, Password and Phone Number. Once you submit on this page, they now have your credentials and your phone number.

NOTE: the links at the bottom seemingly go to legitimate CHASE pages.

The image above is a screenshot of the next page asking you to enter the MFA code you just got on YOUR phone, because they tried logging in with the credentials you just entered.

By entering the code you received here, you will now allow them to successfully log in to your Chase account.

Once you enter the code on the page above, you are redirected tot he real Chase website.

Be mindful of everything you click and submit.

Your Systems Aren't Expertly Managed?

PEACE OF MIND IS JUST A CLICK AWAY

Fill out the form below and we will be in touch.

GOING IT ALONE,
HAVE YOU FEELING OVERWHELMED?

Every day, our clients rely on Kontinuum to deliver the Peace of Mind that their technology will work how they need it to, when they need it to.

kontinuum blue white
About us

Creating Peace of Mind® – it's why we exist. Every member of our team lives our Core Purpose and understands what it means to our clients and our own success. 

Quick Links​
  • Home

  • Expertly Managed

  • Professional Services

  • Contact

  • Support

Company
  • About

  • Blog

  • Podcast

  • Privacy Policy

  • Refund Policy

  • Terms & Conditions

  • Status

Connect