Opinion: Always double-check before logging into your online banking


An email with a blue button to "review the activity" led to a Chase bank login page, making every bell in Jim Rossman's head go off at once. — Jim Rossman/TNS

I was talking on the phone with my mom last night when she told me about an email she received from her bank (Chase), warning of “some information on the dark web that may belong to her,” and to “sign in to get a closer look at the info we found.”

She said the email had a blue button to “review the activity,” and when she clicked it, there was a Chase bank login page.

As a tech journalist, these words made every bell in my head go off all at once.

SCAM.

I had not seen the email, but I told her it could very well be a phishing email designed to get her to enter the username and password to her online banking accounts.

I told her to forward the message to me and she did.

Turns out the message was legitimate. It was from a Chase monitoring program called Credit Journey, which includes setting up alerts for activity detected on the web.

Once I saw the email, several things I examined were clues to its authenticity.

If you’re on a computer, hovering the mouse pointer over the button revealed the underlying address, which was "https://www.chase.com/creditjourneyalerts."

It is very easy to create a fake webpage that looks exactly like the Chase sign-in page, but the underlying URL is usually a dead giveaway. In this case, "https" means the website is secure, and the Chase.com domain was real. Always check the address at the top of your browser page before logging in. Make sure it doesn’t look strange.

There was also fine print at the bottom of the email that stated, “If you have concerns about the authenticity of this message, please visit chase.com/CustomerService for options on how to contact us.”

I wasn’t thrilled to see a button in the email to log in, even if it was real.

I tell people to never click on a link in an email to access one of their important internet accounts. If you receive a warning of suspicious activity, leave the email and go to your usual bookmark for your account. Log in the way you usually would and see if there are any alerts there.

Contacting the bank’s customer service is always a good idea to verify the authenticity of any message.

In this age of being able to do anything online – especially with your money – please be extra careful. I’m glad Mom asked me about the message, and I’m happy it turned out to be a useful warning that a password she’d used in the past was found in a leak on the dark web.

Mom has since changed that password and even removed a few accounts online she no longer used. – Tribune News Service

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
   

Next In Tech News

Samsung Electronics' union threatens first ever walkout next week
Uber to offer Seine cruises, day trips in Paris during Olympics rush
PwC to become OpenAI's largest enterprise customer amid genAI boom
Europe’s cybersecurity chief says disruptive attacks have doubled recently, sees Russia behind many
Does your Airbnb have hidden cameras? Here’s how to find them
Tencent’s marquee game generates over RM650mil in first week
Anger and debate online as China couple let daughter urinate near Thai palace, follows case of ‘Chinese tourists, please keep clean’ sign
New Hong Kong scams using bogus online customer service staff cheat people out of RM114mil in less than five months
Man livestreams his walk through grocery store looking for people to shoot, US police say
Nobel laureate Romer says AI hype risks repeat of crypto bubble

Others Also Read