The following is a real email, with minor details removed, in which J.P. Morgan Chase works hard to train its customers to become phishing victims.
I've left in the name that the email was sent under -- I see no reason to protect the guilty. The original version of the email was multipart alternative, with an HTML version that is, believe it or not, even worse than the text version. I've been watching Chase operate like this for a few years now, and every time I think they've hit the bottom of the ocean of misguided behavior, they come out with a new demonstration that there are new depths yet to dive to. Perry From: "Chase Business Banking" <[EMAIL PROTECTED]> Reply-to: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Chase Business Customers, we need your help! Date: Tue, 24 Apr 2007 XX:XX:XX -XXXX We're working to better serve your business needs! ================================================================= Dear Business Customer, We're updating our records and need your help to ensure we have the most up-to-date information about your business. This is an important step in ensuring that we can continue to provide you with timely and accurate information about your accounts. Go here to answer a couple of questions about your business profile: http://click.chase.com/XXXXXXXXX.XXXXX.X.XXXX.XXXXXXXXX It will take you less than 60 seconds, and then you're done! And remember, the more we know your business, the better we can serve your ever-changing needs. Thanks for choosing Chase. Sincerely, Janet M. Hawkins Chief Marketing Officer Business Banking ----------------------------------------------------------------- E-mail Security Information If you would like to learn more about e-mail security or want to report a suspicious e-mail, click here: http://click.chase.com/XXXXXXXXX.XXXXX.X.XXXX Note: If you are concerned about clicking links in this e-mail, the Chase Online services mentioned above can be accessed by typing www.chase.com directly into your browser. ----------------------------------------------------------------- ABOUT THIS MESSAGE TO UNSUBSCRIBE from future promotional e-mails from Chase, please reply to this e-mail and type "UNSUBSCRIBE" in the "Subject" line. The e-mail address from which you send the request will be removed from our e-mail list. Please allow ten business days for us to process your request. You will continue to receive service related e-mail messages that concern your existing Chase banking products and services. If you want to contact Chase, please do not reply to this message, but instead go to www.chase.com. For faster service, please enroll or log in to your account. Replies to this message will not be read or responded to. Your personal information is protected by advanced technology. For more detailed security information, view our Online Privacy Policy: http://click.chase.com/XXXXXXXXX.XXXXX.X.XXXX To request in writing: Chase Privacy Operations, 451 Florida Street, Fourth Floor, LA2-9376, Baton Rouge, LA 70801. JPMorgan Chase Bank, N.A. Member FDIC. Equal Opportunity Lender (C) 2007 JPMorgan Chase & Co. XXXXXXXXX This e-mail was sent to: [EMAIL PROTECTED] --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
