Researchers have discovered a new phishing campaign targeting American Express customers.
Attackers lure the cardholders into opening an attachment and try to steal confidential data to access their accounts.
Initially, attackers first send a spoofed email of the much-recognized card brand asking the customers to click on the link included in the email attachment.
When the victim clicks on this link, they are redirected to a fake American Express landing page. This page is also crafted smartly to resemble the original American Express login page, including the company’s genuine logo, navigational links, and a link to download the American Express app.
The email is designed to appear as an authentic American Express notification. Victims are prompted to sign in to verify their accounts. They enter their user ID and password.
The phrase “This is your last chance to confirm it before we suspend it” is included to create a sense of urgency. Victims are requested to complete a one-time verification process to update their credentials and prevent suspension of their accounts.
The phishing scam has bypassed Google Workspace Security successfully, and so far, the email has been sent to around 16,000 email addresses of American Express employees.
Suggestions to remain vigilant
- If any email or website that asks for personal information such as your password, Social Security number, or credit card number be attentive. Legitimate companies will never ask for this information via email or an online form.
- Phishing attempts almost always contain a link, downloadable attachment, or directive telling people to do something ASAP.
- There exists a lot of spelling mistakes, with domain names misspelled.
- The email or message can instill a sense of urgency to get people to act quickly without thinking.
- The email signature will usually look strange or different from normal.
- Inspect the URL of any website you’re directed to from an email before entering any information on it.
