A new email scam, posing as a survey for customers of Chase Manhattan bank, shows that fraudsters have hit a new level of sophistication, according to analysts.

The spammed out emails claim that Chase Manhattan's online division is conducting a survey of its users, and will credit $20 to the accounts of those who participate. Actually, though, the emails do not come from the bank but point to a malicious website -- set up to mimic the bank's real site -- which attempts to steal usernames, passwords and other confidential information from unwary surfers.

''This shows how sophisticated the environment is getting,'' says Ron O'Brien, a senior security analyst with Sophos, Inc., an anti-virus and anti-spam company with U.S. headquarters in Lynnfield, Mass. ''For a long time, the banks that were being targeted were South American banks with very little name recognition here in the U.S. Pick a name like Chase Manhattan and everybody has heard of them and the likelihood that you're a customer is extremely high.''

This bold scam gets a boost by the fraudulent offer of $20, says O'Brien.

''I'm a few years out of college but if I was a college student and I got an email like this, offering my 20 bucks, I'd think it was a real easy way to make 20 bucks. I'd have to think hard about passing that up,'' O'Brien tells eSecurityPlanet. ''The sophistication level of the people trying to solicit information from unwary users is increasing exponentially. When I get these things in my inbox, even I am taking a second look at them. They're definitely starting to hit the target.''

The scam first appeared in the wild on March 12.

O'Brien reminds users that there will never be a time when their bank will need information from them and ask for it via email.