Fraudsters are targeting JPMorgan Chase & Co customers in an email phishing campaign that is unusual because it attempts to collect credentials for that bank and also infect PCs with a virus for stealing passwords from other institutions.
The campaign, dubbed "Smash and Grab," was launched on Tuesday with a widely distributed email that urged recipients to click to view a secure message from JPMorgan, according to security researchers with corporate email provider Proofpoint Inc.
JPMorgan, the No. 1 U.S. bank by assets, confirmed that spammers had launched a phishing campaign targeting its customers.