[Click for larger version.]
When I saw the subject line of this e-mail — "Slight error regarding your account," I knew that someone was going phishing. I was curious enough to open this message and see what it looked like. Look carefully:
The greeting is generic, no name or account number.If I were reading this e-mail in panic mode, I'd be likely to miss these details, just as the dim phishers themselves have. But even in panic mode, mousing over the link to read the URL before clicking is all that would be necessary to determine that this e-mail is a phony. The words in blue point to a Chilean URL that (of course) has nothing to do with Chase. I have no idea what is to be found there.
The words inability and regularly are misspelled. The word your appears as you.
The odd phrase "address changing" suggests a lack of familiarity with American idioms.
The end punctuation of the numbered items is inconsistent.
The numbered items are out of sequence! (Sheesh! Thes guys ned to proofred.)
The sentence in red is missing a pretty obvious comma. The unnecessary then in that sentence also suggests that the English of this message is a matter of labor.
[Update: A comment on this post suggests that mousing over might not be enough. So even if the revealed URL appears legitimate, don't click. If you suspect a genuine problem with an account, use the phone or visit the appropriate website.]
A phisher who reads this blog post might learn something about creating more plausible-looking e-mails. But that remote possibility is outweighed by the more likely possibility that some reader will stop and think before clicking on a questionable link.
You can check on or report a specious URL at PhishTank. The URL in my e-mail has already been verified as belonging to a phisher. PhishTank also has a page with suggestions about what to look for in a phishing message.
[Thanks to Eustace of The Lock and Key, whose comment prompted me to update this post.]
Related post
Phishing