Scammers target users' sensitive information through spoofed American Express emails

  • Scammers target the financial details of American Express users through spoofed emails carrying an attached phishing form.
  • The scam email states that there is a security problem with the credit card and requests the submission of personal information via an attached form.

A phishing email scam impersonating American Express targets users' sensitive information by claiming that their credit card has a security problem. The scam email asks users to create new login credentials with their personal information via an attached form.

Modus Operandi

These phishing emails have subjects such as ‘CardMember Account Notice,’ ‘Reminder-We have issued a security concern (Action required)’ and ‘REMINDER: a concern that requires your action.’

The email message claims that errors were encountered during report analysis and that the recipient is therefore required to confirm their records via the attached “secure fillable web form.”

The attached fillable form asks for details such as user credentials, card number, security code, expiry date, mother’s name, mother’s date of birth, year of birth, first elementary school name and security PIN. It then encourages the victims to create new login credentials.

An example of the phishing email observed by Myonlinesecurity is shown below.

“Primary Cardmember Message

We are writing to let you know that there is a recent security report for your American Express Account(s). At the time of report analysis, errors were encountered.

In view of this, we mandate that you confirm your on-file records with us.
You are to

A safe attached fillable Web form is sent with this message.
*See attached form, download and open to continue.
Thank you for your continued card membership,
American Express Customer Service”

Once the victims submit the form with their personal details, the information collected is sent to the scammers. The users are then redirected to the legitimate americanexpress.com page, which states “Thank you for your feedback.”
Note that these emails are sent from addresses based on the keyword “American Express,” such as AmExpress@amnex[.]com, AmericanExpress@aemail[.]com and AmericanExpress@ampress[.]com.
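
The indicators described above (the American Express name on a sender domain that is not americanexpress.com, the reported subject lines, and an attached web form) can be checked automatically during mail triage. The following Python is an added example, not code from the article or from Myonlinesecurity; the trusted-domain list, the assumption that the attached "web form" is an HTML file, and the sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: only the domain the article calls legitimate is trusted.
LEGIT_DOMAINS = ("americanexpress.com",)
BRAND_TOKENS = ("americanexpress", "amex")
# Subject lines reported in the article, lowercased.
SUBJECTS = ("cardmember account notice",
            "we have issued a security concern",
            "a concern that requires your action")

def assess(raw: bytes) -> list[str]:
    """Return the indicators from the article that a raw message matches."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = []
    display, addr = parseaddr(str(msg.get("From", "")))
    local, _, domain = addr.lower().rpartition("@")
    claimed = (display + local).lower().replace(" ", "")
    trusted = any(domain == d or domain.endswith("." + d) for d in LEGIT_DOMAINS)
    if any(t in claimed for t in BRAND_TOKENS) and not trusted:
        hits.append("brand_name_on_untrusted_domain")
    subject = str(msg.get("Subject", "")).lower()
    if any(s in subject for s in SUBJECTS):
        hits.append("reported_subject")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith((".html", ".htm")) or part.get_content_type() == "text/html":
            body = part.get_payload(decode=True) or b""
            if b"<form" in body.lower():  # attachment carries a fillable form
                hits.append("attached_html_form")
                break
    return hits

def build_sample(sender: str) -> bytes:
    """Constructed message modelled on the article's description (not a real sample)."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@example.com"
    m["Subject"] = "CardMember Account Notice"
    m.set_content("See attached form, download and open to continue.")
    form = '<form action="https://collector.example/"><input name="card_number"></form>'
    m.add_attachment(form, subtype="html", filename="form.html")
    return m.as_bytes()

if __name__ == "__main__":
    print(assess(build_sample("American Express <AmericanExpress@aemail.com>")))
```

A message that matches only the subject or attachment checks still deserves a look, since the sender check passes for any address on the trusted domain regardless of whether the message was authenticated.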

How to stay safe from such scams?

All internet users should be aware of these phishing scams and follow certain standard security practices to protect their online accounts.

It should be remembered that companies, in particular financial organizations, do not request personal information by email or by telephone.

If you receive any such email containing links to sites and requesting your personal information, it may be a scam, so you are advised to contact the organization to confirm the email.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.