Help guard against online threats

SECURITY CENTER

Help guard against online threats

Here are the do’s and don’ts to help protect you online.

Help secure the
door to your
digital life

Today, many of us rely on technology to store and access ﬁnancial information. At the same time, scammers keep looking for more sophisticated and creative ways to break in.

We’re committed to sharing our expertise and things you can do to help keep your digital life protected.

Help protect your online accounts

Think about using “passphrases” as your passwords

A passphrase is a string of words like a sentence that is longer than a traditional password, easy to remember and diﬃcult to crack.

An example of a good passphrase is:

MoreIceCream4Me!!!

How to make it strong?

Include 16 or more characters.
Avoid using personal data.
Don’t reuse passwords across diﬀerent services.

Consider using a digital password manager

A password manager is a tool that works across multiple devices and helps provide you with extra security by suggesting and storing strong, unique passwords for websites and apps.

In setting up your password manager you will need to create a password to access the tool. When creating this password, a passphrase could be beneﬁcial.
Some devices or browsers may have password managers built in, like Google Chrome Password Manager, Apple Safari Password Manager and Microsoft Edge Password Manager.
Examples of password managers include: 1Password, Bitwarden and LastPass.

Ways to help protect your accounts

Use reputable antivirus protection

Antivirus software detects, prevents and removes malicious software (malware) from your devices.

Tip: Choosing the automatic update feature can help ensure your software is up to date.

Update the software on your devices

Don’t ignore software and security updates, because they can help protect against the latest security vulnerabilities that hackers exploit.

Tip: Turn on automatic updates in your settings to stay current with the latest software for your phone, computer, email and web browser.

Only use apps you trust

Think before you download an app. Check the publisher and user reviews to make sure it’s legit.

Tip: Ask yourself, am I comfortable sharing information with this app, and how well will they protect it from hackers.

Avoid public Wi-Fi — use your phone data instead

Public Wi-Fi has virtually no security settings, so hackers can intercept your data. Scammers also set up networks with genuine sounding names, like “FreeAirportWiFi.”

Tip: If you do use public Wi-Fi, don’t log in to anything sensitive on your device.

Steer clear of public USB charging stations

Public USB charging stations in places like coﬀee shops, airports and hotels can be used to deliver malware onto your device to steal your data.

Tip: Plug your power cord directly into the wall outlet.

Explore more ways to help boost your Chase account security

Six steps to take

Watch out for suspicious
calls, emails and texts

“Phishing” is when you get an email that looks legitimate but asks you to call a fraudulent number, open an attachment, respond to the email or go to a website and enter personal information. By doing these actions, you can give bad actors access to your computer or accounts.

Other terms for phishing

“Smishing” is phishing by text. “Vishing” is phishing by phone.

“Spooﬁng” is phishing where a scammer disguises the email address, phone number, caller ID or website URL to look like a company you know and trust

How to spot when something’s “phishy”

Bad grammar and use of capitals
"Your account is Temporary Hold” rather than “on temporary hold.”

A strange email address
Check it matches the oﬃcial address, such as @chase.com.

Misspelled words
This is common in fake emails (and other fake communication).

Poor formatting
Emails from legitimate organizations are usually designed professionally.

Unusual requests
Asking you to log in to your account, make an immediate payment or verify your information are signs of a scam.

Attachments, links and phone numbers
Don’t open attachments, click links or verify phone numbers before making any calls.

an email example with six labeled parts to check for suspicious activity

New phone number
First text received from this phone number.

Unusual formatting
Extra spaces in the company name.

Bad grammar
Missing “card” after ATM/Debit.

Unveriﬁed phone number
A phone number that cannot be veriﬁed on the company website.

Urgent language
Pushing you into taking immediate action is a typical tactic used by scammers.

Important: We may send you text messages about your Chase products and/or services. Our texts will use short codes, which are 5- or 6-digit phone numbers. Find a list of oﬃcial Chase short codes here.

If you think a text message is suspicious, don’t respond. Instead, call us using the number on the back of your card or account statement.

a text example with five labeled parts to check for suspicious activity

Take care with what you share

Even if you don’t post very often, keeping your social media accounts and proﬁles secure can be as important as keeping your email secure. Here are some tips to help protect your online social life.

Your personal information is precious

Think of your location, date of birth and other personal info as extremely valuable. Adjust any settings to ensure this information is not visible or accessible by others.

Don’t overshare

Be extra careful what you share on social media. Scammers can now even clone your voice from audio clips and use artiﬁcial intelligence to call loved ones sounding like you.

Be mindful of friends and followers

While gaining friends and followers can be rewarding, letting strangers into your digital life can open the door to scammers.

Scammers pretend
to be from Chase.
Be ready.

When in doubt, don't engage.

Even if your caller ID, text or email says Chase, be cautious. Don’t engage if you’re asked to provide a passcode, mother's maiden name, Social Security or account number in order to resolve an issue including fraud on your account. If you’re not 100% sure it’s really Chase, call the number on the back of your Chase card or account statement.

You can report a suspicious email pretending to be from Chase by forwarding it to phishing@chase.com.

Let's work together to help protect you and those you love

What you can do to help protect yourself

Learn safety practices and the steps you can take to help protect yourself from fraud and scams.

Learn more, on ways to protect yourself

How we help protect you

We're working to make your banking safer. See how we're helping to protect you and your accounts.

Learn more, on how we work to protect you

Help protect your money as you age

Recognize the signs of financial abuse and exploitation. Get the tools you need to help you stay safe.

Learn more, about financial abuse

Frequently asked questions

To enhance online security, consider using passphrases, enable two-factor authentication, keep software updated, install reputable antivirus software, and be cautious with email and online activities. The use of a virtual private network (VPN) — a service that protects your internet connection and online privacy by hiding your IP address — can add extra protection.

Use two-factor identiﬁcation (a combination of a password and a code sent to your device); use strong passphrases; keep your operating system up to date; be cautious when installing apps; avoid unsecured, public Wi-Fi networks and set up a “remote wipe” feature, if available, in case your phone is lost or stolen

Send an email to phishing@chase.com.

See the latest scams happening now.

If it's a phone call, hang up. If it’s an email or text message, stop responding. If you think you’ve given the scammer personal or Chase account information, please contact us so we can help assess your situation.

Please contact us straight away so we can help assess your particular situation.

Help guard against online threats