Procurement
ALERT: Phishing

Report Phishing E-mails and Purchasing Card Fraud to Chase

It has come to Procurement's attention that members of the Yale community may be receiving unusually large number of phishing e-mails purportedly coming from Chase or Chase Manhattan or Chase Bank or even JP Morgan Chase Bank. Yale University Procurement along with Yale University Information Security want to ensure that you do not fall victim to one of these schemes. The social engineering tactics used by these criminals are getting sharper and so Yale staff needs to collectively increase its awareness of these types of "Phishing" schemes.

What can I do to help?

The best way to stop these e-mails is to forward copies to the appropriate agencies. Please send all Chase or JP Morgan Chase phishing emails to: JPMorganChase.Fraud.Prevention@jpmchase.com

NOTE:  Procurement previously sent out this communication and discovered that its messaging tool was applying logic that removed a “.” before the word “Fraud” in the email address above.   If you continue to have trouble using this email address, please go to Chase’s ‘Combating Fraud’ web site below and follow instructions for reporting a suspicious e-mail or a case of fraud: 

http://www.chase.com/cm/cs?pagename=Chase/Href&urlname=/shared/crb/page/combatting_fraud.jsp

You can also forward any phishing e-mail to spam@uce.gov

Information on Phishing:

Yale University's Information Security web sites on:

Phishing - http://www.yale.edu/its/security/goodmeasures/phishing/index.html
ID Theft - http://security.yale.edu/goodmeasures/ProtectingYourIdentity.html

(See links to other sites at the bottom of the page.)

The following information is provided by JP Morgan Chase:

To help you safeguard your personal and financial information, Procurement recommends that you be suspicious of any e-mail that:

  • Requires you to enter personal information directly into the e-mail or submit that information some other way.
  • Threatens to close or suspend your account if you do not take immediate action by providing personal information.
  • States that your account has been compromised or that there has been third-party activity on your account and requests you to enter or confirm your account information.
  • States that there are unauthorized charges on your account and requests your account information.
  • Asks you to enter your User ID, password or account numbers into an e-mail or non-secure webpage. 
  • Asks you to confirm, verify, or refresh your account, credit card, or billing information.

For detailed information on what fraudulent e-mails look like, steps you should follow in dealing with these solicitations and other information, please go to your browser and type in http://www.chase.com. Then click on "recognize and report fraudulent e-mail" on the left-hand side of the screen.

Should you have questions, please contact:

Scott Lucker, C.P.M., Manager Electronic Commerce
Yale University Procurement
scott.lucker@yale.edu

Morrow Long, University Information Security Officer
Yale University ITS
morrow.long@yale.edu