Skip to main content

Help guard against online threats

SECURITY CENTER

 

Help guard against online threats

Here are the do’s and don’ts to help protect you online.

Help secure the
door to your
digital life

Today, many of us rely on technology to store and access financial information. At the same time, scammers keep looking for more sophisticated and creative ways to break in.

 

We’re committed to sharing our expertise and things you can do to help keep your digital life protected.

 

Help protect your online accounts

Think about using “passphrases” as your passwords

 

A passphrase is a string of words like a sentence that is longer than a traditional password, easy to remember and difficult to crack.

 

An example of a good passphrase is:

 

MoreIceCream4Me!!!

 

How to make it strong?

  • Include 16 or more characters.
  • Avoid using personal data.
  • Don’t reuse passwords across different services.

Consider using a digital password manager

 

A password manager is a tool that works across multiple devices and helps provide you with extra security by suggesting and storing strong, unique passwords for websites and apps.

 

  • In setting up your password manager you will need to create a password to access the tool. When creating this password, a passphrase could be beneficial.
  • Some devices or browsers may have password managers built in, like Google Chrome Password Manager, Apple Safari Password Manager and Microsoft Edge Password Manager.
  • Examples of password managers include: 1Password, Bitwarden and LastPass.

Ways to help protect your accounts

Use reputable antivirus protection

Antivirus software detects, prevents and removes malicious software (malware) from your devices.

 

Tip: Choosing the automatic update feature can help ensure your software is up to date.

Update the software on your devices

Don’t ignore software and security updates, because they can help protect against the latest security vulnerabilities that hackers exploit.

 

Tip: Turn on automatic updates in your settings to stay current with the latest software for your phone, computer, email and web browser.

Only use apps you trust

Think before you download an app. Check the publisher and user reviews to make sure it’s legit.

 

Tip: Ask yourself, am I comfortable sharing information with this app, and how well will they protect it from hackers.

Avoid public Wi-Fi — use your phone data instead

Public Wi-Fi has virtually no security settings, so hackers can intercept your data. Scammers also set up networks with genuine sounding names, like “FreeAirportWiFi.”

 

Tip: If you do use public Wi-Fi, don’t log in to anything sensitive on your device.

Steer clear of public USB charging stations

Public USB charging stations in places like coffee shops, airports and hotels can be used to deliver malware onto your device to steal your data.

 

Tip: Plug your power cord directly into the wall outlet.

Explore more ways to help boost your Chase account security

Watch out for suspicious
calls, emails and texts

“Phishing” is when you get an email that looks legitimate but asks you to call a fraudulent number, open an attachment, respond to the email or go to a website and enter personal information. By doing these actions, you can give bad actors access to your computer or accounts.

 

Other terms for phishing

 

“Smishing” is phishing by text. “Vishing” is phishing by phone. 

“Spoofing” is phishing where a scammer disguises the email address, phone number, caller ID or website URL to look like a company you know and trust

How to spot when something’s “phishy”

  1. Bad grammar and use of capitals
    • "Your account is Temporary Hold” rather than “on temporary hold.”
  2. A strange email address
    • Check it matches the official address, such as @chase.com.
  3. Misspelled words
    • This is common in fake emails (and other fake communication).
  4. Poor formatting
    • Emails from legitimate organizations are usually designed professionally.
  5. Unusual requests
    • Asking you to log in to your account, make an immediate payment or verify your information are signs of a scam.
  6. Attachments, links and phone numbers
    • Don’t open attachments, click links or verify phone numbers before making any calls.
an email example with six labeled parts to check for suspicious activity

Take care with what you share

Even if you don’t post very often, keeping your social media accounts and profiles secure can be as important as keeping your email secure. Here are some tips to help protect your online social life.

 

 

Your personal information is precious

 

Think of your location, date of birth and other personal info as extremely valuable. Adjust any settings to ensure this information is not visible or accessible by others.

 


Don’t overshare

 

Be extra careful what you share on social media. Scammers can now even clone your voice from audio clips and use artificial intelligence to call loved ones sounding like you.

 


Be mindful of friends and followers

 

While gaining friends and followers can be rewarding, letting strangers into your digital life can open the door to scammers.

Scammers pretend
to be from Chase.
Be ready.

When in doubt, don't engage.

Even if your caller ID, text or email says Chase, be cautious. Don’t engage if you’re asked to provide a passcode, mother's maiden name, Social Security or account number in order to resolve an issue including fraud on your account. If you’re not 100% sure it’s really Chase, call the number on the back of your Chase card or account statement.

 

You can report a suspicious email pretending to be from Chase by forwarding it to phishing@chase.com.

Frequently asked questions

To enhance online security, consider using passphrases, enable two-factor authentication, keep software updated, install reputable antivirus software, and be cautious with email and online activities. The use of a virtual private network (VPN) — a service that protects your internet connection and online privacy by hiding your IP address — can add extra protection.

Phishing is a type of cyberattack where attackers use deceptive emails or messages to trick individuals into revealing sensitive information. To avoid falling victim, be skeptical of unexpected emails, verify sender information, avoid clicking on suspicious links and don’t provide personal information to those you don’t know.

Use two-factor identification (a combination of a password and a code sent to your device); use strong passphrases; keep your operating system up to date; be cautious when installing apps; avoid unsecured, public Wi-Fi networks and set up a “remote wipe” feature, if available, in case your phone is lost or stolen

Send an email to phishing@chase.com.

See the latest scams happening now.

If it's a phone call, hang up. If it’s an email or text message, stop responding. If you think you’ve given the scammer personal or Chase account information, please contact us so we can help assess your situation.

Please contact us straight away so we can help assess your particular situation.