PHISHING ALERT! PHISHING scam with potential MALWARE email from Chase Bank csrdesire@mail.com www.chasepro.rf.gd

DO NOT CLICK ON THE LINK IN THIS EMAIL! THIS EMAIL IS NOT FROM CHASE AND THE LINK DOES NOT TAKE YOU TO THE CHASE WEBSITE!  The link takes you to http://www.vpweb.com/EmailMarketing/Link.aspx?s=01971765-7f2e-4b98-a24e-4ad138313d95&h=838c72c3-a860-424c-b677-85804ce38608 which redirects to http://chasepro.rf.gd/ and is PHISHING for your Chase Bank account information!  There's also a potential of MALWARE!

https://www.virustotal.com/en/url/1637636c12ed412d2edec549e6202ffff63224fe83fe21e409d672fc100fd668/analysis/1487725831/

Netcraft     Malicious site
Avira (no cloud)     Phishing site
ESET     Phishing site
Web site category
Websense ThreatSeeker
information technology
Final URL after redirects
http://chasepro.rf.gd/
IP address resolution
176.34.97.79
HTTP Response code
200
HTTP Response headers
transfer-encoding: chunked
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
server: nginx
connection: keep-alive
cache-control: no-cache
date: Wed, 22 Feb 2017 01:12:15 GMT
content-type: text/html

Originating IP: 209.43.22.9
Originating ISP: Iquest Internet
City: Indianapolis
Country of Origin: United States

from: Chase <csrdesire@mail.com> via bounce.vp-email.com 
to: 
date: Tue, Feb 21, 2017 at 7:44 AM
subject: Unusual account activity detected
mailing list: <10960513_1254581.xt.local> Filter messages from this mailing list
mailed-by: bounce.vp-email.com

Trouble viewing this email? See the Web version

Dear CHASE Member,

We detected Unusual activity on your CHASE bank account on 02/21/2017.
For your protection, we need you to review this activity immediately.

Please sign in to Mobile Banking or visit Online Banking at WWW.CHASE.COM
to review and verify your account activity:

If you do not contact us, certain limitations may be placed on your account.
please visit the following page:
http://www.chase.com/cmserver/users/default/confirm.cfm

Security

Icon  Your last sign-in was 02/08/2017
To verify that this email is from CHASE BANK, confirm your last sign-in date is correct. To access Online or Mobile Banking, go directly to CHASE.com or use our Mobile Banking App.
Remember: We never ask for private information such as an account number, card PIN, or Social Security or Tax ID number in email messages. If you think an email is suspicious, don't click on any links. Instead, forward it to noreply@CHASE.com and delete it.

Customer Advisory
Copyright 2017 CHASE.
Read our Privacy Notice.
Please don't reply directly to this automatically generated email message.

This email was sent by Chase (csrdesire@mail.com). To ensure that you continue receiving our emails, please add us to your address book or safe list. Click here to remove yourself from this mailing list. 
 
Kevin Warren | 11509 Chatham Pl NE | Bainbridge Island | WA | 98110 

From the HTML of the email:

Please sign in to Mobile Banking or visit Online Banking at <a href="http://www.vpweb.com/EmailMarketing/Link.aspx?s=01971765-7f2e-4b98-a24e-4ad138313d95&h=b8574c51-8216-4954-bd64-0351d6d13691" class="userlink">WWW.CHASE.COM&#160;</a></div><div id="ctrl-9521045" style="width:100%">to review and verify your account activity:&#160;</div><div id="ctrl-9521046" style="width:100%"><br></div><div id="ctrl-9521048" style="width:100%">If you do not contact us, certain limitations may be placed on your account.&#160;</div><div id="ctrl-9521049" style="width:100%">please visit the following page:</div>
<div id="ctrl-9521050" style="width:100%"><a href="http://www.vpweb.com/EmailMarketing/Link.aspx?s=01971765-7f2e-4b98-a24e-4ad138313d95&h=838c72c3-a860-424c-b677-85804ce38608" class="userlink">http://www.chase.com/cmserver/users/default/confirm.cfm</a>