Is there anyone I could report this to? (phishing scam in my email)

I received an email this morning from “BankOne” with whom I do not have an account.

It was titled “Security Measures!”

They say my account may have been compromised and I should log into the link provided and verify that no unauthorized activity has taken place with my account (again I have no account at BankOne).

It even has a BankOne Logo in the email, although to me it looks like something made with a free logo maker program.

Since I have no account there I’m not at risk to lose anything, but I would like to report this if there is some agency out there that handles these things, before someone who DOES have an account and may be gullible enough to click that link.

Usual procedure is to report it to the real version of whoever it’s purporting to be from - assuming BankOne is in fact a legitimate operation (I’ve never heard of it, but that’s not necessarily surprising).

Here’s what the bank in question say.

I used to report them, but the larger banks are well aware of them now, and are trying to educate their customers about the problem, so you can probably just ignore this.

Here is a link showing that they are familiar with your issue.

Thanks everyone. I couldn’t report it to the sender, they had a little disclaimer on the bottom saying do not reply, no one will see it. It then said if I had any questions to log in using the link and click on help.

This is my first experience with receiving an email like this, but I’ve heard so much about these scams that I wanted to do my part to report it if that was possible.

This is your first phishing e-mail?! Lucky you - I probably get at least half a dozen a week (mostly Paypal in my case). I have read a number of articles (sorry, no cites) that a number of organizations are going after the phishing sites as fast as they show up, so your phishing site has almost certainly been noticed by somebody appropriate already, but here is one site you can go to to report it.

I wouldn’t recommend trying to report it to the sender anyway; the thing to do is independently contact the company that it’s pretending to be from and find out if they want it reported; so if you get one pretending to be from ebay, go to ebay.com (independently - not by following any links in the spoof message) and search their site for info about what to do (for eBay and PayPal, it’s just a case of forwarding the message to spoof@ebay.com or spoof@paypal.com).

It is still worth doing this, if the company is one that takes an active role in fighting the problem - the scam relies on two things - 1) people believing that the message is real and 2) the link in the email message remaining alive long enough to capture some useful data - if you report it to the legitimate company, and if they’re on their toes, they can have the ISP hosting the scam page shut it down to limit the damage caused by that particular phishing incident.

I’d forgotten about the constantly changing link aspect of the phishing scams, so ignore my advice above and report it, like Mangetout advises.

BankOne was a legitimate issuer of credit cards, but they were recently bought out by Chase and their credit cards transferred. So the phishers are even using a nonexistant bank. :smack:

If you’re feeling industrious, you can dig a bit and find out who their web hosting company is - I’ve gotten a couple ISP’s to take down phishing sites put up by their users.

The proper place to report these sort of things, if you’re so inclined, is the Federal Trade Commission. You can file a complaint online, or simply forward the email to them: