Chase Bank Phish Swims Past Exchange Email Protections

Threat actors are impersonating Chase Bank in two phishing attacks that can slip past Microsoft Exchange security protections in an aim to steal credentials from victims — by spoofing real-life customer scenarios.

Researchers from Armorblox recently discovered the attacks, one of which claims to contain a credit card statement, while the other informs users that their online account access has been restricted due to unusual login activity, according to a post on the Armorblox blog posted Tuesday.

Read more…
Source: ThreatPost