AskCyberSecurity.com


Microsoft Warns of Amex Phishing Email

2019-03-20 by Michelle Dvorak

American Express Phishing Email Attempts to Hack Amex Credit Card Accounts

Microsoft’s Office 365 Threat Research uncovered an active American Express (Amex) email phishing campaign that emerged over the weekend. The Amex phishing campaign is especially dangerous as it prompts the recipient for their credit card numbers and account logins, as well as answers to other common password reset questions.

The new American Express phishing emails use a generic subject line that reads, “Notice Concerning your Card Member Account.” The email prompts the recipient for personal information and credit card details. Weirdly enough, it also asks the email recipient for their email address and password.

The body of the email [Figure 1] addresses the recipient as “Hello Primary Card Member.” This is a format that the real American Express never uses in their email communications. The body of the document contains images that are not shown for security reasons. The text explains that the Amex cardholder’s profile needs to be verified and instructs them to download the email attachment and answer some questions.

Figure 1: American Express Phishing Email. Image credit: Windows Defender Security Intelligence Twitter

The attachment page [Figure 2] requests that the recipient enter extensive details about their Amex credit card as well as other personal information. It asks for credit account details such as the account holder’s Amex web login and password, credit card number, security code, and expiration. The phishing email also prompts the recipient to enter their mother’s birthdate and maiden name as well as the recipient’s place of birth. These are common password reset questions and a strong clue that this is indeed a phishing email.

Figure 2: American Express Phishing Email Attachment. Image credit: Windows Defender Security Intelligence Twitter

In 2018, email phishing attempts increased by 250% according to Microsoft. From January 2018 to September 2018, Office 365 experienced over 300,000 phishing emails with over eight million attempts to compromise business email accounts. A worrisome 20% of the recipients clicked on the email within the first five minutes.

Earlier this year I wrote about how to spot another American Express themed phishing email. In that phishing attempt the emails were a little more polished, but still obvious fakes. The way to figure out which email is real and which is a phishing email remains the same. Take a hard look at the sender’s email address, not the friendly name, as the friendly name is easy to spoof. Look for misspellings in the email body. A professional company will not send out an email with spelling and grammatical errors. Email content that is threatening is most likely phishing or spam. If you owe someone money, the creditor will likely use postal mail to send you a notice.

Ways to Spot a Fake Email

Amex Phishing Emails – What Should You Do?

  1. When in doubt call American Express and ask if this is their email
  2. Do not click on any links in the email
  3. Never download any attachments from suspicious emails
  4. Do not reply to the email
  5. Mark the email as SPAM so it moves to your junk folder, then delete it permanently
  6. Be skeptical about messages asking for sensitive information including passwords, credit card numbers, birthdate, or answers to common password reset questions
  7. Report any American Express spam emails to Amex’s spoof reporting email

Most importantly, think about the contents of the email. Does it make sense that your credit card issuer is asking you for the card number and expiration date? No. They already know this information. The only time a credit card company prompts for this is when they issue a new card and you need to activate it.

If you are web savvy, set your email client (in this case, Outlook) to not download email images from untrusted sources. Images in an email may live on the spamming server rather than in the email itself. When the email client downloads those images, the hacker learns that the email was delivered to an active mailbox, even if the recipient never clicks on a link. No other action by the recipient is necessary. No harm is done except that the hacker now knows that the email address is active and monitored, and will continue to spam that email address.
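The two checks described above, comparing the sender's address domain with the friendly name and finding images that load from a remote server, can be run over a saved message. This is an added example, not code from the article or from Microsoft; the sample message, the `example.net` hosts and the brand domain the caller passes in are assumptions constructed for illustration.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message (not the real campaign email); example.net is a placeholder.
SAMPLE = b"""\
From: "American Express" <notice@mail.example.net>
To: user@example.org
Subject: Notice Concerning your Card Member Account
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Hello Primary Card Member</p>
<img src="http://img.example.net/logo.png?id=abc123">
<img src="cid:inline-logo">
</body></html>
"""

class ImgCollector(HTMLParser):
    """Collect the src attribute of every <img> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.sources = []
    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src")
            if src:
                self.sources.append(src)

def inspect_message(raw, brand_domain):
    """Report the sender-domain mismatch and remote images; brand_domain is the caller's assumption."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    display, addr = parseaddr(str(msg["From"]))
    sender_domain = addr.rsplit("@", 1)[-1].lower()
    # The friendly name is free text; only the address domain is compared with the brand.
    domain_ok = sender_domain == brand_domain or sender_domain.endswith("." + brand_domain)
    body = msg.get_body(preferencelist=("html",))
    collector = ImgCollector()
    if body is not None:
        collector.feed(body.get_content())
    # http(s) images are fetched from the sender's server on display; cid: images travel in the message.
    remote = [s for s in collector.sources if urlparse(s).scheme in ("http", "https")]
    return {"display_name": display, "sender_domain": sender_domain,
            "domain_matches_brand": domain_ok, "remote_images": remote}

if __name__ == "__main__":
    print(inspect_message(SAMPLE, "americanexpress.com"))
```

A remote image URL carrying a per-recipient query string, like the constructed `id=abc123` here, is what lets the sender tie an image download to one mailbox.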


About Michelle Dvorak

Michelle writes about cyber security and data privacy, focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers.

