A user just told me that they tried to log into Chase Bank but got redirected to a different site

Concern Over Redirecting to Scam Websites During Chase Bank Login: A Guide to Diagnosing and Preventing Phishing Attacks

Recently, a user reported an alarming issue: upon attempting to access her Chase Bank account, she was unexpectedly redirected to a suspicious and potentially malicious website—donkey-credit.org. This incident has raised concerns about potential malware infections and phishing attacks targeting her computer, prompting a need for thorough diagnosis and remediation.

The User’s Experience

The user outlined her typical login process:
1. Navigates to chase.com.
2. Her browser autofills credentials from prior sessions, but since her password was recently changed, these autofill details are incorrect. She proceeds to click “Sign In.”
3. Instead of seeing the usual Chase login or an error message such as “We can’t find that username and password. Try again,” she is redirected unexpectedly to donkey-credit.org, a known scam site.

In addition to this redirect, she encountered a fullscreen pop-up warning claiming her computer was infected and urging her to call a “Microsoft” number—a common tactic used in tech-support scams and malware infections.

Initial Observations

  • Inconsistent Behavior: The issue appears to occur sporadically, as monitoring reveals the login process sometimes proceeds normally.
  • Potential Malicious Activity: The presence of malware, suspicious redirects, and fake alerts suggests the system may be compromised.

Immediate Actions Taken

The user ran a scan with Malwarebytes, which identified and quarantined 1,897 malicious items. This suggests a significant malware infection, which could explain the redirects and fake alerts.

Recommendations for Diagnosis and Prevention

If you or your users encounter similar issues, consider the following steps:

1. Verify Browser and System Security

  • Run comprehensive malware scans: Use reputable tools like Malwarebytes, Windows Defender, or others to identify and remove threats.
  • Update all software: Ensure your operating system, browsers, and security tools are up to date to patch vulnerabilities.

2. Check for Browser Hijackers or Malicious Extensions

  • Review installed extensions and remove any unfamiliar or suspicious ones.
  • Reset browser settings to default to eliminate unwanted redirects.
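To make the extension review above concrete, here is an added example (not from the original post) that lists installed extensions and flags those able to read or rewrite pages on every site, which includes a bank's login page. It assumes a Chromium-style on-disk layout; the function names and the sample extensions are constructed for illustration.

```python
import json
import tempfile
from pathlib import Path

# Permissions that let an extension watch or rewrite navigation.
RISKY_PERMS = {"webRequest", "webRequestBlocking", "declarativeNetRequest",
               "webNavigation", "tabs", "scripting", "proxy"}
# Match patterns that cover every site, including a bank's login page.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_extensions(ext_root):
    """Scan <ext_root>/<extension id>/<version>/manifest.json (Chrome's layout)."""
    findings = []
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        ext_id = manifest.parent.parent.name
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            findings.append({"id": ext_id, "name": "<unreadable manifest>",
                             "risky": [], "broad_hosts": [], "review": True})
            continue
        perms = [p for p in data.get("permissions", []) if isinstance(p, str)]
        # Manifest V2 lists host patterns inside "permissions"; V3 uses "host_permissions".
        hosts = perms + data.get("host_permissions", [])
        for script in data.get("content_scripts", []):
            hosts += script.get("matches", [])
        broad = sorted(set(hosts) & BROAD_HOSTS)
        findings.append({"id": ext_id, "name": data.get("name", "<no name>"),
                         "risky": sorted(set(perms) & RISKY_PERMS),
                         "broad_hosts": broad,
                         # Legitimate tools also ask for broad access: a prompt to review, not a verdict.
                         "review": bool(broad)})
    return findings

def demo():
    """Build two constructed sample extensions in a temp dir and audit them."""
    samples = {
        "aaaaconstructedsampleid1": {"manifest_version": 3, "name": "Coupon Helper (constructed)",
                                     "permissions": ["tabs", "webNavigation"],
                                     "host_permissions": ["<all_urls>"]},
        "bbbbconstructedsampleid2": {"manifest_version": 3, "name": "Notes (constructed)",
                                     "permissions": ["storage"]},
    }
    with tempfile.TemporaryDirectory() as root:
        for ext_id, manifest in samples.items():
            version_dir = Path(root, ext_id, "1.0_0")
            version_dir.mkdir(parents=True)
            (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
        return audit_extensions(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On Windows with Chrome, the directory to pass to audit_extensions is typically %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions. A flagged entry is one to look up and confirm the user actually installed, since ad blockers and password managers request the same broad access.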

3. Clear Browsing Data and Cache

  • Clear cookies, cache, and stored autofill data so that stale or hijacked credentials are not auto-filled.

4. Use Secure Authentication Methods

  • Avoid autofill for sensitive websites;
