January 16, 2013
Beware of phishing scam related to JP Morgan Chase
Cigna has notified Purdue Human Resources that some customers have reported receiving automated calls and phishing emails that appear to be coming from JP Morgan Chase. These contacts ask for account information, and Purdue employees should not respond to these messages.
"The concern for us is that the administrator for our employee health savings accounts has changed from Cigna and JP Morgan Chase in 2012 to PayFlex for 2013. We don't want employees to fall prey to one of these phishing scams in the belief that the email legitimately relates to the HSA change," says Eva Nodine, benefits manager in Human Resources.
ITaP Security and Policy warns the Purdue community that the University has been specifically targeted by spear phishing attacks made to look like they are coming from JP Morgan Chase asking for account information. These emails are not being sent from Chase.
Report computer incidents to Purdue at www.purdue.edu/securePurdue/incidentReportForm.cfm.
For questions concerning this advisory, send email to firstname.lastname@example.org.