Dear Chase ® Client: Due to our concerns, for the safety and integrity of your Online Account, we have issued this warning message.The link is http://chaseonline.chase.com.colappmgrcolportal.com/prospect;sreenid=Update_Acct. You can see that the URL tries to look like chase.com, but it's really pointing to colappmgrcolportal.com, where I'm sure you can find all kinds of unsavory characters. However, they did actually use an image that comes from chase.com: http://www.chase.com/ccpmweb/shared/image/chaseNewlogo.gif -- sneaky.It has come to our attention that your Chase Online account information needs to be updated as part of our continuous commitment to protect your account and to reduce the instance of fraud on our website. Please take out some time to update your personal records to enable us serve you better.
Once you have updated your account records, your account services will not be interrupted and will continue as usual.
To update your Online records, click on the following link:
How can you tell this is a scam? The trick is to look at the end of the URL (or the last time it says ".com" or ".org" before the "/" and all the other URL info). Then, type in the URL that you know to be valid -- don't click on a link supplied in the email. When in doubt, call the number on your statements and ask for details.
In addition, the "From" address is hufylw@mail.profireal.bg. Doesn't look like a Chase employee or automated system to me.
Finally, notice the extra comma in the first sentence. Not everybody writes perfectly every time (myself included), but weird spelling and punctuation should always make you suspicious.
Further reading: