Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Chase Paymentech 'Merchant Billing Statement' Malware Email

Outline
Email purporting to be from payment processing company Chase Paymentech claims that the recipient can view a Merchant Billing Statement by opening an attached file.



Brief Analysis
The email is not from Chase Paymentech. The attachment contains malware. If you receive this email, do not click any links or open any attachments that it may contain.

Bookmark and Share

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Scroll down to submit comments
Last updated: November 20, 2012
First published: November 20, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

Subject: Merchant Billing Statement

Attached is your Chase Paymentech electronic Merchant Billing Statement.

If you need assistance, please contact your Account Executive or call Merchant Services at the telephone number listed on your statement.
PLEASE DO NOT RESPOND BY USING REPLY. This email is sent from an unmonitored email address, and your response will not be received by Chase Paymentech.

Chase Paymentech will not be responsible for any liabilities that may result from or relate to any failure or delay caused by Chase Paymentech's or the Merchant's email service or otherwise. Chase Paymentech recommends that Merchants continue to monitor their statement information regularly.

----------
Learn more about Chase Paymentech Solutions, LLC payment processing services at [link removed]
----------


THIS MESSAGE IS CONFIDENTIAL. This e-mail message and any attachments are proprietary and confidential information intended only for the use of the recipient(s) named above. If you are not the intended recipient, you may not print, distribute, or copy this message or any attachments. If you have received this communication in error, please notify the sender by return e-mail and delete this message and any attachments from your computer.




Detailed Analysis
According to this email, which purports to be from large payment processing company Chase Paymentech, the recipient can view an electronic Merchant Billing Statement by opening an attached file.

However, the email is not from Chase Paymentech and the attachment does not contain a billing statement. In fact, opening the attached file can install malware on the user's computer. Once installed, such malware can typically collect sensitive information from the compromised computer, make connections to remote servers controlled by Internet criminals and download further malware components.

As with many other such malware campaigns, the message attempts to trick recipients into opening the attachment without due caution. Chase Paymentech customers may open the attachment in the mistaken belief that it contains a legitimate file associated with their account. Non-customers may open the attachment with the view that some error has been made that may need to be rectified as soon as possible. The scammers have attempted to make the email sound more believable by including a link to the genuine Chase Paymentech as well as legitimate sounding liability and confidentiality statements.

If you receive this message, do not open any attachments or click on any links that it contains.

Bookmark and Share




Last updated: November 20, 2012
First published: November 20, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer