One brand that has repeatedly been targeted by phishing campaigns is Chase Bank, where cybercriminals target people who use the company’s financial services. A report released Tuesday by cybersecurity provider Cyren focuses on the latest phishing attempts to exploit Chase and offers tips for users not to fall victim to this type of scam.

According to Cyren, Chase Bank is now the sixth most expensive counterfeit brand in phishing URLs. Chase ranks third among financial companies, behind PayPal.

From mid-May to mid-August, Cyren researchers recorded a 300% increase in phishing URLs that forged the Chase brand. Behind all these malicious URLs are phishing kits that cybercriminals buy, sell and use for their campaigns. Chase was the second most frequently attacked brand among all phishing kits in the last six months, followed by Microsoft 365 at the top.

The majority of phishing kits that Cyren has been investigating since May were built to steal more than just email addresses and passwords. These kits aim to steal bank and credit card information, social security numbers, home addresses and other sensitive information. Some kits even attempt to steal one-time use codes used for two-factor authentication. To target Chase Bank customers via email or text message, attackers have used a popular phishing kit called Chase XBALTI.

After successful phishing campaigns, cybercriminals have more than enough information to sell on the Dark Web for additional attacks, account takeovers and identity fraud. Each piece of sensitive data stolen is sent to the attacker’s email address, which is set up within the phishing kit.

To better detect and stop phishing attacks, Cyren has the following tips:

  • Avoid clicking on links or dialing any phone number listed in an email or text message. Instead, contact the company using the information on its website or through its official mobile app. Chase customers can also report phishing emails to Chase Bank.
  • If customers are unsure about the legitimacy of a particular email or text message, they can ask someone else to check it. Many organizations also have ways to report suspicious emails. Mobile carriers have steps to report suspicious phishing messages. Customers can also submit potential phishing URLs via the Cyren Website URL Category Checker, VirusTotal and PhishTank.
  • Customers can detect and avoid many phishing attacks by checking the message for spelling errors and other inconsistencies. Check the copyright date in the footer and make sure that the displayed URL is correct.