This article is brought to you by Aura.
Watch the video to see how we protect you online.
This article is brought to you by Aura. Watch the video to see how we protect you online.
Start Free Trial
4.7 stars on Trustpilot
Close Button
What is Aura? (1:10)

How To Spot a Chase Phishing Email (5 Chase Email Scams)

Did you receive a strange email claiming to be from Chase Bank? It could be a scam. Learn how to identify the latest Chase phishing email scams.

Illustration of an envelope with a fish hook inside

Aura’s app keeps you safe from scams, fraud, and identity theft. Try Aura for free.

4.7 stars as of Dec. 2023

In this article:

    In this article:

      See more

      Aura’s digital security app keeps your family safe from scams, fraud, and identity theft.

      See pricing
      Share this:

      How Do You Know If an Email From Chase Is Real?

      Over the last few years, many Chase Bank customers have been targeted with phishing emails. Designed to look like legitimate messages from Chase Bank, these emails contain harmful links that could give scammers access to your Chase online banking account — if you’re not careful.

      Unfortunately, it’s getting more difficult to identify a phishing email — and it’s costing Americans millions of dollars. 

      According to the Federal Trade Commission (FTC) [*]:

      Americans lost over $422 million to email scams in 2022 alone — with more than 150,000 reports of bank-related identity fraud specifically. 

      If you’re a Chase customer, it’s important to understand what a fraudulent email looks like and know what to do if you unknowingly give hackers access to your account details.

      {{show-toc}}

      What Is a Chase Phishing Email?

      Chase phishing emails are fraudulent messages sent by scammers posing as Chase Bank —seeking to obtain your personal details or financial information. 

      Cybercriminals use phishing emails (as well as fake phone calls, social media messages, and SMS texts) to create a sense of urgency and stress. The email message often claims your bank account has been compromised or someone attempted a large ATM withdrawal or wire transfer from your account.  

      The reason these schemes work is that scammers know you’re likely to act quickly if you think your bank account or savings are at risk. 

      Here’s what can happen if you fall for a Chase Bank scam or click on a link in a phishing email:

      • Hackers could gain access to your online bank account. Many phishing emails include links to fake websites that look identical to the legitimate “www.chase.com” login page. But if you enter your login credentials, they're immediately sent to the scammers.
      • Your device could get infected with malware. Some phishing emails contain malicious attachments or links that, when clicked, download harmful software onto your device. This malware can steal personal information, spy on your online activities, and even lock you out of your own device.
      • Scammers could trick you into sending them money. In some cases, phishing emails claim that there's an urgent payment you have to make or a pending transaction that requires your attention. If you fall for this tactic, you could unknowingly send the fraudster money — which can be almost impossible to get back.
      • Your personal information could be used for identity theft. Phishing emails may request additional personal details such as Social Security numbers (SSNs), addresses, or birthdays. Providing this information can lead to identity theft, and open the door to further financial exploitation. 
      • You may become a victim of other scams or targeted attacks. Engaging with phishing emails signifies to cybercriminals that you may be susceptible to other forms of deception. As a result, they might target you with additional scams in the future.

      The bottom line: Scammers are almost always financially motivated — and sending phishing emails claiming to be from your bank are among the most common ways that scammers try to gain access to your funds. 

      🛡 Protect your bank account (and identity) from scammers. Aura’s award-winning digital security solution monitors and protects your most sensitive financial, personal, and online accounts. Try Aura free for 14 days and secure your digital life.

      Example: A Chase Phishing Email That Almost Worked

      Scammers are continuously sharpening their tools and crafting increasingly compelling phishing emails. But despite their best efforts, they usually leave behind clues that indicate you're dealing with a scam.

      For example, here’s a Chase Bank phishing email that was sent to customers a few years ago:

      Fake Chase Fraud alert email asking if you recognize fraudulent charges on your account
      Example of a Chase Bank phishing email that claims unauthorized charges have been made on your account. Source: USA Today

      At first glance, this email is somewhat convincing. It includes the proper Chase Bank logo, the “from” name is Chase Fraud Alert, and the message looks like it links to the official “Chase.com” website. 

      But upon closer review, it becomes clear that this email is a fake. Here’s why:

      • The sender has spoofed the email address “From” name. Anyone can change an email "From" name to look like it's coming from Chase (or any other individual or organization). However, if you click on the name to reveal the sender’s true details, the email isn't from the official “@chase.com” domain.
      • The link takes you to a suspicious domain. If you hover over one or both of the links (don't click!), you’ll see that they don’t take you to the official Chase Bank website. This is a dead giveaway that the email is fake.
      • There are no additional contact methods provided. The message contains no phone number, address, or other way to get in touch with the sender. Most legitimate banks always include this information in their official communications with customers.
      • There's no personally identifiable information (PII). This email lacks any specific details that tie it to your personal account, such as your name or the last four digits of your credit or debit card number. If this were a real security email from Chase, it would likely include some information to indicate that the communication is specifically for you.
      • The sender wants you to act quickly. The email prompts you to act immediately, creating a sense of urgency. This is a common tactic fraudsters use to encourage fast action without allowing you to think through the situation carefully.

      The 5 Latest Chase Phishing Email Scams

      While the warning signs of a phishing attempt may seem easy to spot, scammers are only getting better at tricking victims. Here are a few of the most common Chase phishing email scams to watch out for:

      1. There’s been an unauthorized charge on your Chase card

      In this scam, fraudsters send you an email about an unauthorized charge on your Chase credit card — with a request that you “confirm” the charge.

      Fake email claiming to be from Chase bank asking you to confirm a recent charge by clicking either a button labeled yes or no
      Example of a fake Chase email asking you to confirm recent charges

      But if you respond in any way, you’ll either be taken to a fake website or receive a phone call from someone posing as a Chase Bank employee who will convince you to share information or transfer your funds to a so-called "secure" account via a payment app like Zelle.

      What makes this scam so dangerous is that fraudsters can personalize it with stolen information, such as your name and the last few digits of your card number. But don’t be fooled by these details as they can be easily obtained on the Dark Web after a data breach.

      What to do if you get this Chase phishing email: If you’re notified about a fraudulent transaction, log in to your Chase account directly via the website or mobile app to verify the information for yourself. Never log in to your bank account by clicking on a link in an email or text message.

      💡 Related: 20 Phishing Email Examples (And How To Spot Them)

      2. Your online Chase account has been temporarily suspended

      Scammers often send phishing emails that claim your bank account has been temporarily suspended and will remain so until you “verify” your account numbers, passwords, or other sensitive information — such as your Social Security number (SSN).

      Fake email claiming to be from the Chase Fraud Department informing the recepient that their account has been temporarily disabled
      Example of a Chase Bank phishing email sent to hundreds of thousands of targets. Source: Reddit

      Again, if you click on the link, you’ll most likely be taken to a fake Chase online banking login page that steals your account information. 

      Unfortunately, Chase Bank customers aren’t the only ones dealing with this scam. There is a similar Bank of America phishing email that’s going around, so be vigilant if you have accounts with either bank.

      What to do if you get this Chase phishing email: Log in to your Chase account directly to see if your account has been suspended. If there’s no message indicating the suspension, you’re dealing with a phishing scam.

      🛡 Safeguard your finances with award-winning protection. Aura’s all-in-one digital security solution has been rated #1 by Money.com, USNews.com, Forbes, and more. Try Aura free for 14 days and protect yourself and your family against future fraud.

      3. You need to update your personal or account information

      Scammers often disguise phishing attempts in basic “update” emails. These messages claim that Chase needs updated information for your account before you can continue using it and request that you log in and update your account. 

      Fake Chase email asking for verification of personal information before you can access your account again
      Example of a phishing email claiming your account information is out of date. Source: Twitter

      But by entering your sensitive details on an attached PDF or fake website, you're handing your data directly to the scammers who have sent the message.

      What to do if you get this Chase phishing email: If you get a suspicious email from Chase asking you to update your contact information, call the bank directly by using the number found on Chase’s official website in order to confirm its authenticity. If the email is legitimate, you’ll be able to update your information over the phone.

      💡 Related: What Can Scammers Do With Your Name and Address?

      4. Fake Chase credit card account statements

      This phishing attack lures you into thinking you've received an authentic statement from Chase Bank. The email may include an attachment that claims to be your latest statement or a link to log in to your account. 

      But clicking on the link will take you to a fake login page on which you’ll be asked to enter your bank account information. 

      Two screens showing examples of a fake Chase bank online banking login page
      Example of a fake Chase Bank login page using a different domain. Source: Bleeping Computer

      Alternatively, the email may include an attachment (purported to be your account statement) that, when downloaded, infects your device with malicious software.

      What to do if you get this Chase phishing email: Never click on links or open unfamiliar email attachments, especially if you think the message might be a spoof. Chase Bank only offers paperless statements when you log in to your account — you’ll never receive a statement via email. 

      5. Your contact details were deleted from your Chase QuickPay settings

      This scam makes you think someone has gotten into your Chase account and is deleting or changing your QuickPay information (like your email address or phone number). 

      The message will urge you to click on a link to investigate the situation or confirm that you made the changes. However, this link leads to a fraudulent website on which your login credentials are collected by cybercriminals when you attempt to "fix" the issue.

      What to do if you get this Chase phishing email: If you receive any concerning emails from Chase, call the bank directly to confirm if there’s a security issue with any of your accounts. If there’s not, forward the email to the bank’s fraud department so they can investigate.

      💡 Related: How To Protect Your Bank Account From Identity Theft

      Did You Open or Click on a Link in a Phishing Email? Do This!

      If you accidentally opened a phishing email or engaged with a Chase phishing scam in some way, don't panic. Here's what you should do next:

      • Contact Chase immediately. Chase has a dedicated fraud department that can help you secure your account. Checking and savings customers can reach Chase’s fraud department  at 1 (800) 935-9935, and credit card customers can call 1 (800) 955-9060. You can also forward suspicious emails to phishing@chase.com.
      • Change your passwords. Once you've reported the incident to Chase, change your password. Remember to use a unique password for each account to help keep your information secure.
      • Monitor your accounts. Keep a close eye on your Chase accounts (and any other financial accounts) for unauthorized activity. Notify the bank immediately if you see any unfamiliar transactions.
      • Scan for malware. Run a full scan on your computer or mobile phone using antivirus software. Phishing scams often contain malware that can infect your device.
      • Update your device software. Make sure all of your device's software is up to date, including your antivirus and web browser. Updates often contain security patches that help protect your devices from cybersecurity threats.
      • Check on your other accounts. If you use the same password for your bank that you use for other personal accounts, you should change all of your passwords. Hackers may try to access your other accounts by using the same credentials.
      • Get a copy of your credit report. When you’re dealing with financial fraud, it’s always a good idea to request a copy of your credit report. Check for new accounts that you don’t recognize or any other information that’s unfamiliar.
      • Consider signing up for identity theft protection with credit monitoring. Aura’s all-in-one solution monitors your most sensitive personal information (SSN, phone number, etc.) for fraud — as well as all of your financial accounts and credit reports.  If anything is detected, you’ll be notified in near real-time and given the support you need to shut down scammers. 
      💪 Don’t deal with fraud and identity theft alone. Every Aura plan includes 24/7 access to U.S.-based White Glove Fraud Resolution Specialists — as well as a $1 million insurance policy for eligible losses due to identity theft. Try Aura free for 14 days and get the support you need!

      How To Protect Your Bank Account From Scammers

      All banks — including JPMorgan Chase & Co. — are prime targets for scammers. And while your bank does a good job of protecting your account from hacking and fraud, it can’t stop attacks targeted directly at you. 

      Chase phishing scams present big problems for customers, which can lead to serious consequences if you engage with scammers. However, there are many ways to protect yourself and your information online. Here are a few tips for keeping your online accounts safe:

      • Regularly monitor your bank statements. The faster you catch the early warning signs of fraud, the better. Keep an eye out for fraudulent or suspicious transactions, or use a trusted credit monitoring service like Aura to keep watch for you.
      • Only use official banking apps for transactions. Log in to your online bank account only by using the bank’s mobile app or official website. This ensures that you don’t end up on a fake website designed to steal your personal information. 
      • Avoid banking on public Wi-Fi networks, and use a virtual private network (VPN). A reliable VPN adds an extra layer of security by encrypting your internet connection. This makes it much harder for hackers to intercept your online activity or personal information. 
      • Use secure and unique passwords. A strong password can be the ultimate form of protection for your bank account. Make sure you’re not reusing passwords across accounts. Instead, create unique passwords for every account, and include upper and lower case letters, numbers, and symbols. Aura’s robust password manager can store and protect all of your passwords for you, so you don’t have to worry about remembering them.
      • Enable two-factor authentication (2FA) on your accounts. This is an additional security measure that requires a secondary form of authentication (such as a special code sent to your phone) before you can access your account. Accounts with 2FA are much harder for hackers to access. 
      • Never give out passwords, PINs, or one-time use codes. Your bank will not ask for this sensitive information. Anyone who wants your codes, PINS, or passwords is trying to scam you. 
      • Don’t click on links in suspicious emails. Always hover over a link first to see where it’s taking you. If you do click on a link, make sure you’re on the right domain and that it’s a secure website
      • Install trusted digital security software. Aura’s all-in-one solution includes powerful antivirus software, a military-grade VPN, secure password manager, and Safe Browsing tools to block fake websites. 
      • Keep yourself informed about new phishing scams. Fraudsters are always finding new ways to target your bank account. If any message seems suspicious, do a Google search to see if it’s a new scam. 

      While you can follow these steps to keep your bank accounts safe, there’s always the chance that a new scam will slip past your defenses. 

      Aura’s all-in-one intelligent safety solution can do the work for you and keep you and your whole family safe.

      With Aura, you get transaction and bank account monitoring, award-winning identity theft protection and credit monitoring, artificial intelligence (AI)-powered digital security tools, and $1 million in identity theft insurance coverage for every adult member on your Aura plan. 

      Keep your bank accounts safe from scammers. Try Aura free for 14 days.

      Award-winning identity theft protection with AI-powered digital security tools, 24/7 White Glove support, and more. Try Aura for free.

      Related Articles

      Illustration of a smartphone with a text bubble on the screen
      Fraud

      How To Spot a Fake Bank Text Message Scam

      Fake bank text messages are a form of smishing where fraudsters use texts to impersonate financial institutions and phish for PII.

      Read More
      January 16, 2024
      Illustration of an upright question mark with a dollar sign for its shadow
      Fraud

      Do Banks Refund Scammed Money? (How To Dispute Fraud)

      Do banks refund scammed money, or is it gone forever? To boost your chances of a refund, you need to know what to do if you fall victim.

      Read More
      December 22, 2023

      Try Aura—14 Days Free

      Start your free trial today**