Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 159 - August, 2013 (1st Edition) - Page 8

American Express 'Online Security Service Notification' Phishing Scam

Issue 159 Start Menu

Previous Article            Next Article

Outline
Email claiming to be from American Express informs recipients that they must click a link to update online banking account information because new security measures are being imposed.

American express - logo vector

© Depositphotos.com/ barcova.natalia



Brief Analysis
The email is not from American Express. It is a phishing scam designed to trick recipients into giving their credit card details and other personal information to cybercriminals.

Bookmark and Share
Example

Subj: America Express Online Security Service Notification

DEAR VALUED CUSTOMER,

Your online banking account has to be updated as we impose measures to ensure your safety while banking online.

PLEASE CLICK BELOW TO CONTINUE
Verify your Access

These features are made to provide the most secure service and protection to you while online as failure to adhere may affect your online banking access in the future.

Thank You
Legal Advisor, America Express.


Detailed Analysis
According to this "security service notification", which claims to be from American Express, users are required to update information in their online bank accounts because new security measures are being imposed. They are warned that "failure to adhere" to the update request may affect future access to the account.

The message greets users generically as "Dear Customer" and claims to be from an unnamed American Express "legal advisor".

In fact, the message is not from American Express. It is a phishing scam designed to fool recipients into divulging their personal and financial information via a fake American Express website. Those who click the link will be taken to a site that hosts the form shown in the following screenshot:



american-express-security-notification-phishing-scam

The bogus form asks for credit card details as well as account login credentials, personal and contact information and even the user's email account password. Once victims have completed the form and clicked the "Submit" button, they will be automatically redirected to the real American Express website.

Meanwhile, the criminals running the phishing attack can use the stolen information to commit credit card fraud and identity theft as well as hijack American Express accounts belonging to their victims. They can also take control of victim email accounts and use them to launch further spam and scam campaigns.

American Express would never send an unsolicited email asking customers to click a link to update account details. And, genuine American Express emails will always greet customers by their names. It will never use generic greetings such as "Dear Customer". The company has published information about phishing scams and how to report them on its website.

Phishing scammers continue to attack Internet users all over the world and many users continue to fall for their tricks. Be cautious of any unsolicited message that claims that you must provide account information by clicking a link or opening an attached file. It is always safest to access all of your online accounts by typing the account address into your browser's address bar rather than by clicking an email link.

Bookmark and Share

Last updated: July 24, 2013
First published: July 24, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Friend Stranded in Foreign Country Scam Emails
American Express Security Center Identity Theft
Phishing Scams - Anti-Phishing Information



Previous Article            Next Article

Issue 159 Start Menu

Pages in this issue:
  1. Warning - Grapes and Raisins Toxic to Dogs And Cats
  2. Circulating Warning Claims Antiperspirants Cause Breast Cancer
  3. Gareth & Catherine Bull Advance Fee Lottery Scam
  4. Does a Viral Video Really Depict a Snowfall in the Philippines?
  5. Wellness Company Woolies Voucher Hoax
  6. Qantas 'E-Ticket Itinerary Receipt' Malware Email
  7. The Tale of Pastor Jeremiah Steepek and the Homeless Man
  8. American Express 'Online Security Service Notification' Phishing Scam
  9. Dell Computer Giveaway Survey and Like Farming Scam
  10. Tear Drop Monument - Russian Gift to the United States
  11. Bank of America Merchant Statement Malware Email
  12. Disgraceful Hoax - 'All Facebook Companies' Donations to Help 9 Year Old Girl'
  13. 'Disneyland SuMMer Vacation' Free Tickets Like-Farming Scam
  14. MBNA 'Request to Terminate Online Card Services' Phishing Scam
  15. Burned Dog Paws Warning
  16. Tim Tams 'May Contain Traces of Human Flesh' Hoax Image
  17. Spurious Facebook Warning - 'Powerful Computer Viruses Named Trojans'
  18. Big W Samsung TV Giveaway Like-Farming Scam
  19. Siamese Pike Photograph
  20. Circulating Message Warns of Drug Called 'Molly'
  21. 'Confirm Your Apple Account' Phishing Scam
  22. Windows Live - Hotmail Account Closure Phishing Scam
  23. Circulating Internet Message Warns of Rotavirus Outbreak
  24. Facebook 'Graphic App' Privacy Warning Hoax
  25. Harvey Norman Like Farming Scam