American Express Phishing Attempts

Phishing

We are seeing quite a few American Express phishing attempts trying to get your American Express details. These are very well crafted and look identical to genuine American Express emails. The senders appear to be from American Express until you look carefully at the email headers. They are using literally hundreds if not thousands of hijacked websites to perform these attacks.

The site listed in the email is the first step in the chain and you are bounced on to other sites. The coding on the primary hijacked sites suggest that they are under the control of the Blackhole and Angler exploit kit criminals. This means that at any time when they have taken stolen enough identities and money, they will switch to spreading malware via the same network and emails.

Do not click any links in these emails. Hover your mouse over the links and you will see a web address that isn’t American Express. Immediately delete the email and the safest way to make sure that it isn’t a genuine email form American Express is to type the American Express web address in your browser. and then log in to the account that way.

There are currently 2 main avenues of the American Express phishing attempts:

Subjects are:

  • Important: Personal Security Key
  • Irregular card activity

Both appear to come from American Express no-reply@welcome.aexp.com

Irregular card activity
We detected irregular card activity on your American Express Check Card on 17 March, 2021.
As the Primary Contact, you must verify your account activity before you can continue using your card, and upon verification, we will remove any restrictions placed on your account. To review your account as soon as possible please.

Please click on the link below to verify your information with us:
https://www.americanexpress.com/ <http://slelectronics.co.in/disengage/index.html>

If you account information is not updated within 24 hours then your ability to access your account will be restricted.
We appreciate your prompt attention to this important matter. Note: You will be redirected to a secure encrypted website.

The contained message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.

Thank you,
American Express

If you’d like to stop receiving this alert, simply click here < http://slelectronics.co.in/disengage/index.html> .Was this e-mail helpful? Please click here <http://slelectronics.co.in/disengage/index.html> to give us your feedback.  Contact Us <http://slelectronics.co.in/disengage/index.html> |Privacy Statement <http://slelectronics.co.in/disengage/index.html> |Add us to your address book <http://slelectronics.co.in/disengage/index.html>

Your Card Member information is included in the upper-right corner to help you recognize this as a customer service e-mail from American Express.  To learn more about e-mail security or report a suspicious e-mail, please visit us at americanexpress.com/phishing <http://slelectronics.co.in/disengage/index.html> . We kindly ask you not to reply to this e-mail but instead contact us via customer service <http://slelectronics.co.in/disengage/index.html> .
© 2021 American Express. All rights reserved.
AGNEUALE0082664

and other email reads

Important : Personal Key

Please create your Personal Security Key. Personal Security Key (PSK) is one of several authentication measures we utilize to ensure we are conducting business with you, and only you, when you contact us for assistance.
American Express uses 128-bit Secure Sockets Layer (SSL) technology. This means that when you are on our secured website the data transferred between American Express and you is encrypted and cannot be viewed by any other party. The security of your personal information is of the utmost importance to American Express, please click here <http://inyouthbasketball.com/bombast/index.html> or visit our website at https://www.americanexpress.com <http://inyouthbasketball.com/bombast/index.html> to create your PSK (Personal Security Key).

Note: You will be redirected to a secure encrypted website.
The contained message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.
Thank you,
American Express

If you would like to stop receiving this alert, simply click here <http://inyouthbasketball.com/bombast/index.html> .Was this e-mail helpful? Please click here <http://inyouthbasketball.com/bombast/index.html> to give us your feedback. Contact Us <http://inyouthbasketball.com/bombast/index.html> |Privacy Statement <http://inyouthbasketball.com/bombast/index.html> |Add us to your address book <http://inyouthbasketball.com/bombast/index.html> Your Card Member information is included in the upper-right corner to help you recognize this as a customer service e-mail from American Express. To learn more about e-mail security or report a suspicious e-mail, please visit us at americanexpress.com/phishing <http://inyouthbasketball.com/bombast/index.html> . We kindly ask you not to reply to this e-mail but instead contact us via customer service <http://inyouthbasketball.com/bombast/index.html> .
2014 American Express. All rights reserved.
AGNEUALE0058801

AmericanExpress phishing attempts

AmericanExpress phishing attempts

Following the link in these takes you to a website that looks exactly like the real American Express site. You are then through loads of steps to input a lot of private and personal information. Not only will this information enable them to clear out & use your American Express account, but also your Bank Account, Email details, webspace ( if you have it) They then want enough information to completely impersonate you and your identity not only in cyberspace but in real life.

Please read our How to protect yourselves page for simple, sensible advice on how to avoid being infected or having your details stolen by this sort of socially engineered malware.

All of these emails use Social engineering tricks to persuade you to open the attachments that come with the email or follow links in them . Whether it is a message saying “look at this picture of me I took last night” and it appears to come from a friend or is more targeted at somebody who regularly is likely to receive PDF attachments or Word .doc attachments or any other common file that you use every day. Or whether it is a straightforward attempt, like this one, to steal your personal, bank, credit card or email and social networking log in details.

Be very careful when unzipping them and make sure you have “show known file extensions enabled“, And then look carefully at the unzipped file. If it says .EXE .SCR or .COM then it is a problem and should not be run or opened.

Total
0
Shares
Leave a Reply

Your email address will not be published.

Related Posts