Remove “Capital One – Card Purchase Is Under Review” email

The “Capital One – Card Purchase Is Under Review” email is part of a phishing campaign targeting Capital One login credentials. The email falsely informs recipients that their Capital One cards have been temporarily locked because of an excessive number of purchases. This has supposedly triggered Capital One’s security protocols, and if users want to use their cards again, they have to review their card activity by clicking the provided button. However, engaging with the email will lead users to a fake Capital One website, which will try to phish users’ login credentials. If malicious actors are successful in phishing users’ credentials, unauthorized transactions may be made from users’ accounts.

 

 

This “Capital One – Card Purchase Is Under Review” phishing email masquerades as a legitimate notification from Capital One, claiming that there has been excessive spending on your account. It states that the Fraud Department has temporarily locked your card until you can review your recent activity. Though the email offers minimal details, it pressures you to click the “Review Your Card Activity” button to check for any suspicious transactions and unlock your card.

Clicking this button takes you to a phishing Capital One website where you’re prompted to enter your login information. If you submit your credentials on this fake site, your account details will be stolen. This can allow cybercriminals to gain access to your online banking account and possibly execute unauthorized transactions.

The full “Capital One – Card Purchase Is Under Review” email contents are below:

Subject: Capital One Card Temporarily Locked

Capital One
Your Capital One® Card Purchase is Under Review.

Dear -,

Our Fraud Department has temporarily locked your Capital One card due to unusual activity detected on your account. Specifically, we have noticed an excessive number of purchases recently, which has triggered our security protocols.

Review Your Card Activity

Complete all verification process
Once you’ve done this your account will be removed from the restricted accounts automatically

Thanks for choosing Capital One.

It goes without saying that login credentials, especially for financial accounts, are in very high demand among cybercriminals. Users need to be very careful when it comes to login credentials. If you’re not already familiar with them, we strongly recommend you take the time to learn the most common phishing attempts and how to recognize malicious emails.

If you have received this phishing email and interacted with it by trying to log in to the site, you need to secure your account immediately. If you can no longer access your account, you need to contact Capital One and inform them that you’ve become a victim of a phishing campaign and your account has been compromised.

What are the signs of a phishing email?

Phishing campaigns that target multiple users with the same email often have a recognizable pattern due to their generic content. These emails typically are not personalized and are riddled with grammar and spelling mistakes. More advanced phishing campaigns target specific high-profile individuals/companies and tend to appear more credible, making them harder to detect. Fortunately, most people come across the simpler, more obvious phishing emails, as is the case with this “Capital One – Card Purchase Is Under Review” email.

When you receive unsolicited emails urging you to click on links or open attachments, the very first thing you need to do is verify the sender’s email address. In the case of this “Capital One – Card Purchase Is Under Review” email, it’s immediately obvious that the email was not sent by Capital One as the sender’s address looks unprofessional and does not contain a domain Capital One uses. Generic phishing emails usually come from random-looking email addresses, while more sophisticated attacks may use addresses that seem similar to those of legitimate senders. A quick Google search can help confirm whether an email address belongs to the supposed sender.

Another obvious indicator of phishing emails is poor grammar and spelling. Many phishing emails contain mistakes that would be completely out of place in legitimate emails. In the case of the “Capital One – Card Purchase Is Under Review” email, it’s filled with mistakes and appears very unprofessional. Additionally, an email from a company whose services you use not addressing you by name is a clear sign of a phishing attempt. Legitimate emails from Capital One would address you by your name.

When dealing with any email that prompts you to click on links or open attachments, you first need to double-check everything before engaging. Before clicking on links and buttons, hover over them to see their destination. For attachments, use an anti-virus program or a service like VirusTotal before opening them. If an email mentions problems with your account, instead of clicking any links, log in directly to your account to check whether there are any issues.

Finally, always inspect the URL of a website before entering any login details. Phishing websites may closely imitate legitimate sites, but the URLs will always reveal the phishing attempt.