Ask Dave Taylor
  • Facebook
  • Instagram
  • Linkedin
  • Pinterest
  • Twitter
  • YouTube
  • Home
  • YouTube Videos
  • Top Categories
  • Subscribe via Email
  • Ask A Question
  • Meet Dave
  • Home
  • Computer & Internet Basics
  • Beware of the Amex American Express Phishing Scam!

Beware of the Amex American Express Phishing Scam!

February 19, 2016 / Dave Taylor / Computer & Internet Basics, Spam, Scams & Security / No Comments

Got an email from American Express saying that you have a failed transaction. And you don’t recognize it? Before you click, read on, it’s probably a phishing scam…

Breaking into banks and figuring out how to transfer data can be a lot of work for hackers, so plenty of bad guys prefer to get credit cards and buy them by the thousands on illegal discussion boards. In fact, the hackers that break into e-commerce sites and steal millions of credit card records? They’re usually then selling them to other criminals, not doing any sort of fraudulent transactions themselves. This means that you should always be very careful any time you enter your credit card data, whether it seems to be a site that you have done transactions on, or whether it’s the credit card site itself.

Which is why this particular American Express phishing scam that attempts to not only get your Amex card data, but also asks for your social security number, mother’s maiden name, birthday, and more. Which would be a disaster!

So let me show you how to identify this particular phishing attack.

To start, here’s the email message:

american express amex phishing scam attack

There are a few oddities, including a 2013 copyright on the very bottom of the message, but in general it looks believable, with its warning that a $971.84 transaction from Cigna Corp has failed.

Who wouldn’t want to click on “Login to Verify”?

But what happens if you check the link before you click…

amex phishing email message with bit.ly link

You can see here, they’ve been sneaky by having the link to the bogus site masked as a bit.ly link.

Not paying attention, however, you click on it. Then what? Here’s where you ultimately go:

amex phishing url

Definitely looks legit on first glance. But why not just amex.com? And notice that the security certification is missing.

The page itself, however, looks quite legit:

bogus fake phishing amex american express page

On phishing sites they have no way to verify what you enter, so you can enter anything, like 1234. So you log in (not good) and end up on the next page. It looks like this:

amex phishing bogus page 2

Again, seems and looks legit, you could be tricked into entering your Amex card number and Card ID.

The problem shows up on the next page. Why would they be asking for your social security number?

amex phishing, page 3

Don’t go further down this rabbit hole, though. All that’s happening is that the bad guys are recording everything you enter and as soon as they can, running a few thousand dollars worth of transactions on the card. And the rest of the data, were you to have entered it, will be sold on one of these hacker boards. Very not good.

And all of it can be avoided if you’re just skeptical about these sort of email messages and never click in the first place.

About the Author: Dave Taylor has been involved with the online world since the early days of the Internet. Author of over 20 technical books, he runs the popular AskDaveTaylor.com tech help site. You can also find his gadget reviews on YouTube and chat with him on Twitter as @DaveTaylor.

Let’s Stay In Touch!

Never miss a single article, review or tutorial here on AskDaveTaylor, sign up for my fun weekly newsletter!
Name: 
Your email address:*
Please enter all required fields
Correct invalid entries
No spam, ever. Promise. Powered by FeedBlitz
Please choose a color:
Starbucks coffee cup I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you, Dave, for all your helpful information by buying you a cup of coffee!
american express, amex phishing, amex scam, phishing attack

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search

Recent Posts

  • How to Check Energy Recommendations on your Windows Laptop
  • How Do I Customize New Tab Windows in Safari for Mac?
  • Can AI-Generated ChatGPT Text Be Accurately Identified?
  • How to Perform a Microsoft Account Security Audit and Checkup
  • How Can I Customize My Linux Dock / Taskbar?

On Our YouTube Channel

How to: Replace a Switchbot Door Sensor Battery

EMEET Luna vs INNOTRIK Studio Bluetooth Speakerphones -- DEMOS & REVIEW

Categories

  • AdSense, AdWords, and PPC Help (106)
  • Amazon, eBay, and Online Shopping Help (163)
  • Android Help (226)
  • Apple iPad Help (147)
  • Apple Watch Help (53)
  • Articles, Tutorials, and Reviews (346)
  • Auto Tech Help (15)
  • Business Advice (200)
  • ChromeOS Help (31)
  • Computer & Internet Basics (778)
  • d) None of the Above (166)
  • Facebook Help (383)
  • Google, Chrome & Gmail Help (188)
  • HTML & Web Page Design (247)
  • Instagram Help (49)
  • iPhone & iOS Help (623)
  • iPod & MP3 Player Help (173)
  • Kindle & Nook Help (99)
  • LinkedIn Help (88)
  • Linux Help (173)
  • Linux Shell Script Programming (89)
  • Mac & MacOS Help (911)
  • Most Popular (16)
  • Outlook & Office 365 Help (33)
  • PayPal Help (68)
  • Pinterest Help (54)
  • Reddit Help (19)
  • SEO & Marketing (82)
  • Spam, Scams & Security (95)
  • Trade Show News & Updates (23)
  • Twitter Help (220)
  • Video Game Tips (66)
  • Web Site Traffic Tips (62)
  • Windows PC Help (947)
  • Wordpress Help (206)
  • Writing and Publishing (72)
  • YouTube Help (47)
  • YouTube Video Reviews (159)
  • Zoom, Skype & Video Chat Help (62)

Archives

Social Connections:

Ask Dave Taylor


Follow Me on Pinterest
Follow me on Twitter
Follow me on LinkedIn
Follow me on Instagram


AskDaveTaylor on Facebook



microsoft insider mvp


This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this site or on any linked site. Further, please note that by submitting a question or comment you're agreeing to our terms of service, which are: you relinquish any subsequent rights of ownership to your material by submitting it on this site. Our lawyer says "Thanks for your cooperation."
© 2023 by Dave Taylor. "Ask Dave Taylor®" is a registered trademark of Intuitive Systems, LLC.
Privacy Policy - Terms and Conditions - Accessibility Policy