Dec 7, 2010 17:56 GMT  ·  By

Security researchers warn of a new email phishing campaign targeting customers of JPMorgan Chase’s payment processing and merchant services, Chase Paymentech.

According to researchers from messaging security company AppRiver, the emails began hitting people’s inboxes at an aggressive rate earlier today.

Like many other phishing attacks, the message claims that account information needs to be updated and provides users with a link to a phishing page.

The page is hosted on domains of the form online13-chasepaymentech.com, whose names are close to the real chasepaymentech.com one.

However, it’s worth noting that logging into Paymentech Online accounts is normally done at SSL-protected my.chasepaymentech.net, not chasepaymentech.com.

There are multiple domains being used in this attack, all of which were registered earlier today. We have already quarantined over 12,000 of these messages this morning alone,” writes Troy Gill, a security researcher at AppRiver.

In addition, the header of the phishing page doesn’t match the one currently displayed on the real login site, suggesting that attackers might have used an older template.

A message on the fake page reads: “Welcome back! You may notice some changes to your login page, but your login process is still the same. We have made updates on our end in order to ease usability and maximize functionality.”

If users fall for this trick and input their usernames and passwords, they are taken to a form that asks for a wealth of personal information.

In particular, the rogue form includes fields for full name, address, city, state, zip, phone number, email address, company name, tax ID and Social Security number.

Since Chase Paymentech is the payment processing and merchant services arm of JPMorgan Chase, it means that unlike most phishing attacks, this one targets businesses.

In addition to these messages we are also monitoring several different variants of phishing attacks currently targeting Chase card carriers,” Mr. Gill notes.