UW–⁠Madison Information Technology
Connecting & supporting our digital campus
Keyboard with money being taken away by a fishing hook

1/28 Email phishing alert: Subject line “Debit Alert”

Posted by Office of Cybersecurity on January 28, 2022

This article was published on January 28, 2022 and has not been updated since. It remains published for archival purposes, but its subject matter may be out of date.

Beginning on or around January 24, scammers sent a Business Email Compromise (BEC) email message to several people on campus that appears to be from Chase Bank, but was actually a forgery. The subject line reads “Debit Alert.” The body of the email contained a message beginning “You scheduled an automatic bill payment on you credit card” and went on to provide spurious details about a debit transaction, prompting the recipient to click a link if they did not make this payment. 

The full message reads:

You scheduled an automatic bill payment on you credit card

Payment amount: $630.00
Effective date: 27/01/2022
Payment authorized on: 28/01/2022
Did not make this payment verify your account information and cancel it

Cancel Payment

If you make this payment between 8 PM ET and 11:59 PM ET, we’ll post your payment for the date you chose, but you can post payment manually.

NOTE: We’ll process this one-time electronic payment as scheduled.

To cancel a payment scheduled for a future date, please click the cancel link above or visit us at chase.com.

This kind of email is difficult to detect and block with security tools because it lacks tell-tales such as links or attachments and contains limited text. For that reason, it’s vital that we are all vigilant against and able to recognize them.

Recognizing BEC Email 

You can recognize BEC email by some of the classic signs of phishing emails:

  • The email From: line contains an address with a domain name other than legitimate sender’s, in this case “Chase Bank <support@gvit.de>” rather than “Chase Bank <support@chase.com>.”
  • The tone of the email conveys a sense of urgency. 
  • The email contains grammatical errors

As in this case, BEC email may also contain a request for your cell phone number, so the impersonator can shift from email to SMS text messages. 

What to do if you receive a BEC email message

If you receive a message like this, you can easily report it using the “report phishing” feature within the Office 365 web or desktop email client or by forwarding the email headers to abuse@wisc.edu

If you are ever unsure whether an email message is legitimate, do not respond to it. Contact the DoIT Help Desk at 608-264-4357 for advice. 

If you or someone you know replied to such a message resulting in the loss of funds, report it to:

If you or someone you know responded to such an email and received a text message, ignore them or block them.

Tips for Leadership

Help protect the university and the people in your team, department, unit or division from BEC email scams: 

Establish ahead of time how:

  • Purchases are to be made and by whom
  • You will normally communicate, e.g., only from your @wisc.edu email 
  • Requests can be verified and by whom

Additional references

Historical UW-Madison awareness on specific BEC campaigns: