Phishing E-mail asks for Amex ID Confirmation

According to reports from Help-Net-Security dated May 21, 2012, one phishing e-mail pretending to ask for ID-verification of the recipient's American Express (Amex) account is presently circulating online while attempting at deceiving unwitting end-users.

It maybe mentioned that American Express, which has its headquarters in USA, is a multinational corporation catering to clients' financial requirements.

With header, "Your American Express Forgotten User ID," the spoofy electronic mail asks the recipient if he lately substantiated his username alternatively changed the password for his online account of the Amex Card. Incase it's been done then he may ignore the current e-mail. The purpose for making the said request is to enable the protection of his identification details online, the e-mail states.

Subsequently, it states that incase the recipient hasn't done the substantiation then he requires following a given web-link that'll enable the safeguard of his account against possible deception. Finally, the e-mail signs off expressing thanks to the recipient for being a cardholder.

But, according to Amex, it didn't send the e-mail. Actually, a currently-circulating scam is responsible for it that's crafted for deceiving recipients into taking down as also loading malware. Clicking on the web-link results in a page which urges the user to wait as loading of the page finishes. Yet, the login page isn't the real one of Amex.

Moreover, it diverts the user onto a different website, which serves the BlackHole attack toolkit. This toolkit utilized on the Web and popular among cyber-criminals helps in exploiting browser flaws so trojans or more malicious programs maybe downloaded. Characteristically, the malicious program pulled down steals usernames and passwords for online-banking accounts that are then transmitted back to the criminals.

Security analysts examining the new Amex spam state that it's similar to several which involved targeting players associated with Amazon.com, Verizon Wireless or flight-ticket verifications, with victims typically getting trapped via info-capturing malware.

Hence security experts recommend that users should ignore any unsolicited e-mail having implanted web-links, while access the suggested website by directly feeding the URL inside the Web-browser. Besides, they must make sure that security programs along with crucial components are always the latest.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 5/30/2012