We no longer support this browser. Using a supported browser will provide a better experience.

Please update your browser.

Close browser message

J.P.Morgan ACCESS® Security Center

At J.P. Morgan, we are serious about protecting your personal and account information. It is also necessary for you to protect yourself when you use your computer or conduct business online. Protecting yourself online starts with knowing how to prevent cyber fraud.

How to Protect Yourself Against Cyber Fraud

To help prevent cyber fraud, be aware of potential external threats and leverage the security features and functionality available to you.

You should never:

  • Open emails, launch links or open attachments from unknown sources
  • Click on links in emails and pop-up messages
  • Update payment information based on an email or other message without confirming the change with a known contact at your vendor or beneficiary
  • Share your user ID, password, secure token device or the answers to your security questions with anyone
  • Leave written notes with your log-in credentials nearby your computer or in an easy-to-find place where they can be viewed by others
  • Leave inactive user profiles online
  • Allow multiple people to use the same computer to process a transaction

Do not respond or reply to an email, phone call or text message that:

  • Requires you to supply personal or account information (such as a user ID, password, or account numbers) directly in the email, non-secure webpage or text message
  • Threatens to close or suspend your account if you do not take immediate action
  • Invites you to answer a survey that asks you to enter personal or account information
  • States your account has been compromised, there are unauthorized charges on your account, or there has been third-party activity on your account, and then asks you to provide or confirm your personal or account information
  • Asks another user to log on from your computer
  • Asks you to confirm, verify or refresh your account, password or billing information


  • Pay special attention to links and attachments
  • Always log off at the end of a session
  • Forward suspicious emails that appear to come from Chase or J.P. Morgan to phishing@jpmchase.com
  • Call your J.P. Morgan Access Help Desk or Support team immediately if repeatedly prompted for login information
  • Go paperless so that statements with critical account information aren’t sitting around in the office or in the trash
  • Sign up for alerts to monitor account activity and review alerts whenever a payment is made or changed
  • Keep anti-virus software up to date and use current versions of web browsers
  • Set payment limits at a level reasonable for your typical activity and call us to arrange any exceptionally large payments
  • Regularly review and confirm the entitlements of your users
  • Regularly check your account activity for any suspicious transactions and contact us immediately about any suspicious or erroneous wires
  • Complete our Cyber Fraud & Secure Online Banking overview

If you become suspicious after sending a wire transfer, immediately contact your respective Help Desk or Support team of your platform.

Reminder: It is NOT our practice to:

  • Send emails that require you to enter personal security information directly into the email
  • Send emails threatening to close your account if you do not take the immediate action of providing personal or business information
  • Send emails asking you to reply by sending personal or business information
  • Share your name with any contacts outside our firm in a manner inconsistent with our privacy policy

How to Protect Yourself Against Malware and Social Engineering Attacks

J.P. Morgan has received reports of fraudsters successfully installing on clients’ computers malware that requests the user to make multiple login attempts, enter token codes multiple times as part of the login, or asks the user to have someone else login from their machine. Many varieties of malware (such as computer viruses, worms, Trojan horses, spyware, dishonest adware, and other malicious and unwanted software) are specifically focused on obtaining financial credentials and are often customized for specific individuals.

Reminder: We will never request that another user attempt to log on from your computer or ask you to enter multiple token codes as part of the log on process.

Please take the time to review the information on Malware and Social Engineering Attacks

What to do if you suspect fraud or a cyber security attack

  • Call your J.P. Morgan Access Help Desk or Support team immediately
  • You should also contact your Security Administrator to inactivate your ID if you believe you might have inadvertently compromised your user ID

Further Information