Got an email from American Express saying that you have a failed transaction. And you don’t recognize it? Before you click, read on, it’s probably a phishing scam…
Breaking into banks and figuring out how to transfer data can be a lot of work for hackers, so plenty of bad guys prefer to get credit cards and buy them by the thousands on illegal discussion boards. In fact, the hackers that break into e-commerce sites and steal millions of credit card records? They’re usually then selling them to other criminals, not doing any sort of fraudulent transactions themselves. This means that you should always be very careful any time you enter your credit card data, whether it seems to be a site that you have done transactions on, or whether it’s the credit card site itself.
Which is why this particular American Express phishing scam that attempts to not only get your Amex card data, but also asks for your social security number, mother’s maiden name, birthday, and more. Which would be a disaster!
So let me show you how to identify this particular phishing attack.
To start, here’s the email message:
There are a few oddities, including a 2013 copyright on the very bottom of the message, but in general it looks believable, with its warning that a $971.84 transaction from Cigna Corp has failed.
Who wouldn’t want to click on “Login to Verify”?
But what happens if you check the link before you click…
You can see here, they’ve been sneaky by having the link to the bogus site masked as a bit.ly link.
Not paying attention, however, you click on it. Then what? Here’s where you ultimately go:
Definitely looks legit on first glance. But why not just amex.com? And notice that the security certification is missing.
The page itself, however, looks quite legit:
On phishing sites they have no way to verify what you enter, so you can enter anything, like 1234. So you log in (not good) and end up on the next page. It looks like this:
Again, seems and looks legit, you could be tricked into entering your Amex card number and Card ID.
The problem shows up on the next page. Why would they be asking for your social security number?
Don’t go further down this rabbit hole, though. All that’s happening is that the bad guys are recording everything you enter and as soon as they can, running a few thousand dollars worth of transactions on the card. And the rest of the data, were you to have entered it, will be sold on one of these hacker boards. Very not good.
And all of it can be avoided if you’re just skeptical about these sort of email messages and never click in the first place.
