Wednesday, May 16, 2012

Don’t Click Links in “Your American Express Forgotten User ID” Spam

Did you get an email asking if you recently verified your login or reset your online American Express account password?

Make sure you don’t click on any links.

Cybercriminals are spamming out American Express phishing emails in an attempt to lead users to malicious sites housing the Blackhole Exploit Kit.

Users will see nothing more than a blank page reading, "PLEASE WAIT. Loading..." while the Blackhole exploit pack works silently in the background, attempting to take advantage of vulnerabilities within Java, Adobe PDF, Flash and other software to plant malware on the target machine.

Here’s a copy of the email we received:

Subject: Your American Express Forgotten User ID

Verify Your Request

Your Account Number Ending:

Dear Customer,

Did you recently verify your User ID or reset the password that you use to manage your American Express Card account online?

If so, you can disregard this email. To help protect your identity online, we wanted to be sure that you had made this request.

If not, please click here, or log on to so we can protect your account from potential fraud.

Thank you for your Cardmembership.

American Express Customer Service

P.S. To learn how to protect yourself on the internet and for information about Identity Theft, Phishing and Internet Security, please visit our Fraud Protection Center at View Our Privacy Statement Add Us to Your Address Book

This customer service email was sent to you by American Express. You may receive customer service emails even if you have requested not to receive marketing emails from American Express.

Copyright 2012 American Express Company. All rights reserved.


Ways to Spot American Express Phishing Emails

Cybercriminals will do their best to imitate American Express emails, but there are ways to tell the real from the fake.

  • Pay attention to how you were greeted in the email. Were you addressed by name or “Dear customer”/“Dear cardmember”? If it’s the latter, then there’s a good chance that email came from a spammer and not American Express.

  • Check for the last 5 digits of your account number. Legitimate emails from American Express that are related to your account will include this information, so if it’s missing then the email is likely a fake.

  • Does the email create a false sense of urgency? Spammers want you to take action before you think, so fraudulent emails are likely to ask you to update or provide information ASAP or risk having your account suspended or closed.

  • Hover your mouse over links within the email to verify the destination URL. If the links don’t point to an domain, then you’d be better off typing the URL directly into your address bar or using your browser bookmarks/favorites.

  • Check how many people are copied on the email. Having 10 other unfamiliar email addresses copied on the same email should be a HUGE red flag.
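
For anyone who wants to automate part of this checklist on a mail gateway or a reported-phish inbox, here is an added example (not from the original post) that applies four of the checks above to a raw message: greeting, account digits, link destination and recipient count. The domain `issuer.example`, the recipient threshold and the sample message are constructed assumptions; the urgency check is left out because it is a judgment call.

```python
import re
from email import message_from_string
from email.utils import getaddresses
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "issuer.example"  # assumption: placeholder for the issuer's real domain
MAX_RECIPIENTS = 3                 # assumption: threshold for "many people copied"

# Constructed sample modelled on the spam quoted above (not a real message).
SAMPLE = """\
To: a@mail.example, b@mail.example, c@mail.example
Cc: d@mail.example, e@mail.example
Subject: Your Forgotten User ID
Content-Type: text/html

<p>Your Account Number Ending:</p>
<p>Dear Customer,</p>
<p>If not, <a href="http://issuer.example.login.invalid/verify">click here</a>.</p>
"""

class _Links(HTMLParser):
    """Collects the real hostname behind every <a href> (the 'hover' check)."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlsplit(href).hostname or "").lower())

def phishing_indicators(raw, trusted=TRUSTED_DOMAIN):
    msg = message_from_string(raw)
    body = msg.get_payload()       # single-part message: payload is a str
    found = []
    if re.search(r"dear\s+(customer|card\s?member)\b", body, re.I):
        found.append("generic greeting")
    if not re.search(r"ending:?\s*\d{5}\b", body, re.I):
        found.append("no account digits")
    parser = _Links()
    parser.feed(body)
    # Exact host or a true subdomain only; a trusted name used as a prefix fails.
    if any(h != trusted and not h.endswith("." + trusted) for h in parser.hosts):
        found.append("off-domain link")
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(rcpts) > MAX_RECIPIENTS:
        found.append("many recipients")
    return found

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

A hit on any one of these is a reason to treat the message as suspect, not proof on its own.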

How to Report American Express Phishing Emails

Alright, so you’ve run through the checklist above and suddenly that email doesn’t feel right. Now what?

You can report the phishing email to American Express by forwarding it to You’ll get an automated reply acknowledging they’ve received the email and they’ll take it from there.

Did You Fall for an American Express Phishing Email?

If you made the mistake of clicking on a link within a suspected American Express phishing email, you may want to:

  • Perform a full system scan of your computer with your antivirus software.

  • If you’ve provided any account information, contact American Express by calling the number on the back of your card.
