Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Phishing Scam Targets AmEx Customers

E-mails posing as messages from the credit card firm AmEx (American Express) are hitting consumers' mailboxes this month (December 2009), reports HELP NET SECURITY on December 17, 2009.

Beginning with 'Dear Customer' to address the recipient, the unsolicited e-mail states that the technical service section of AmEx has just found that the user's information filed with the company is incomplete. Unmistakably, the e-mail provides a file number for reference.
Subsequently, it (the e-mail) requests that if the user is unable to click the link, then he may copy it into the address bar of his browser. It thanks the recipient for his swift attention to this crucial issue.

The message tries to sound genuine as it states that in case the recipient fails to update his account information within 48-hours, he would have only restricted access to the account.

Finally, the e-mail signs off expressing gratitude on behalf of 'American Express Company, Member FDIC.'

Meanwhile, if anyone follows the link embedded in the e-mail, he would land onto a mimicked AmEx website on which supplying the requested details would help cybercriminals to intercept the same.

This phishing tactic is, reportedly, the most traditional ploy ever recorde; however, it isn't difficult to avoid. Users need to know that financial institutions and banks do not ever ask anyone to review personal information over e-mail or through online forms. So if such e-mails arrive, users should instantly recognize their hidden intention, viz. phishing, for stealing money.

Moreover, the subject lines of the e-mail message include customer notification, American Express Online Form, important instructions, important information, important alert, etc.

According to the security researchers, this type of e-mail scam as well as scams relating to phony delivery notice always become rife during holidays when plenty of buying-and-selling takes place online.

Hence, as best practices, users must find out if a website they decide to access contains the right spellings. They must also check the statements of their credit cards regularly and if they find anything suspicious they must contact their credit card firms. Lastly, they must delete the phishing e-mail after forwarding it to the concerned officials.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 12/26/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page