According to this email, which purports to be from credit card provider American Express, errors were encountered during a recent security analysis.
The email, which has the subject line, “A concern that requires your action”, and is addressed to the “Primary Cardmember” claims that you need to confirm your account information by opening an attached file.
However, the email is not from American Express. Instead, it is a phishing scam designed to steal your personal and financial information.
If you open the attached file, a fake account update form will load in your browser. The bogus form includes the American Express logo and secondary links to create the illusion that it is genuine.
The form asks you to supply account passwords, credit card details, name and contact details, and a host of other identifying information. After submitting the bogus form, you will be automatically redirected to the genuine AMEX website.
But, alas, all of the information you supplied will be sent to online criminals and may be used to commit credit card fraud and identity theft.
Note that no legitimate bank or credit provider is ever likely to send you an unsolicited email demanding that you submit sensitive personal information via an unsecure attached file.
It is always safest to login to your online accounts by entering the address into your browser’s address bar or via a trusted app rather than by opening an attached file or clicking a link.
Phishing scammers have repeatedly targetted American Express customers in recent years. And, very similar scam emails have targetted customers of many other banks and credit card providers all around the world.
Be wary of any email or text message that claims that there is a problem with your bank or credit card account and you must click a link or open an attachment to deal with the problem.
American Express has information about how to report such fraud attempts on its website.
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now ad-free! Can you help us stay online?
An example of the scam email:
Primary Cardmember MessageFor your security:
We are writing to let you know that there is a recent security report for your American Express(R) Account(s). At the time of report analysis, errors were encountered.In view of this, We mandate that you confirm your on-file records with us.
YOU ARE TO
A safe attached fillable Web form is sent with this message.
• See Attached Form, Download and Open to Continue.
Thank you for your continued Cardmembership.
American Express Customer Service Card
Since you’ve read this far……can I ask you for a big favour?
To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now ad-free. To keep the site online, I now rely on voluntary contributions from site visitors along with commissions from a few trusted products and services that I promote via reviews on the site.
If you found the above report useful, please consider supporting Hoax-Slayer by making a donation. Any amount you can give will be greatly appreciated.
You can donate using your credit card via the form below. Donations are collected securely via the online payment service Stripe. Stripe uses state of the art security to keep your data safe.