Phishing emails, by which scammers and identity thieves attempt to lure you into either clicking on links or downloading attachmentscontained within the email which will download malware or providing personal information that will be used to make you a victim of identity theft, are nothing new. They are a staple of identity thieves and scammers and with good reason because they work. Here is a copy of a new phishing email that appears to come from American Express that is presently circulating. This particular one is not particularly convincing. It does not address the person receiving the phishing email by name, but rather by the generic “Dear American Express User.” In addition, as is common with many scams which often originate out of the country where English may not be the first language of the scammer, the grammar is not good.
“Dear American Express User,
During our server routine update we noticed you enter wrong detail. We implore you
to download the attached file to re-verify your details.
NOTE: You are strictly advised to match your information correctly to avoid service suspension.
Thank you for your continued Card Membership
American Express Customer Care”
An indication that this is a phishing email is that the email address from which it was sent had nothing to do with American Express, but most likely was from a computer that was part of a botnet of computers controlled remotely by the scammer. As with all phishing emails, two things can happen if you click on the links or download the attachments provided. Either you will be sent to a legitimate looking, but phony webpage where you will be prompted to input personal information that will be used to make you a victim of identity theft or, even worse, merely by clicking on the link, you will download keystroke logging malware that will steal all of your personal information from your computer and use it to make you a victim of identity theft. If you receive an email like this and think it may possibly be legitimate, merely call American Express at the telephone number found on the back of your card and you will be able to confirm that it is a scam.