Go to the profile of PhishTrain
PhishTrain
Stay up to date on all things phishing related! See what new updates we roll out too!

Have an American Express Card? You Should Be on Alert

American Express is best known for their financial services. As part of their package, they offer fraud protection through a program called SafeKey. In recent weeks, a new phishing scam appearing to come from American Express has been landing in the inboxes of potential victims.

The American Express SafeKey email that you should avoid

Security firm Comodo Labs made the initial discovery of the online threat that first hit the Internet in March. The email poses as if it is coming from American Express’ SafeKey which is designed to add extra protection from online fraud when completing credit card transactions. Ironically, this service is now being twisted into a phishing scams in of itself. The emails asks the target to sign up for the program and enter valuable information, such as their credit card number, social security number, home address, and more. Unfortunately, the link in the email does not direct the user to American Express’ website, but instead a fake phishing page used to harvest credentials. The hacker on the other end can take these credentials and then very easy commit identify fraud with the victim’s information. This phishing email is quite noteworthy in the fact that it is so well crafted. To even a seasoned cyber security professional, the email can not be readily identified as a phishing scam. The URL, font, colors, and logos are all spot on and show the scary trend that is hackers becoming more careful in their work.

The URL to look out for is: http://amexcloudcervice.com/login/

Notice that ‘service’ is spelled with the letter ‘c’ in the above URL. If you were to receive an email from SafeKey, it would be best to avoid it at all costs. Instead, go directly to your American Express’ website and interact with your account there. A safe bet PhishTrain recommends to check link credibility is through the hover test. Hover your cursor over the link in the email without clicking and check to see what URL is displayed. If it appears like the one above, you should not interact with it.

If you do click the link, you will be greeted with what appears to be a standard American Express login page. Of course, this is just to capture your American Express login info before you are prompted to enter even more information on a page after the fact. PhishTrain recommends not interacting with any login pages linked to in an email. If a company has an alert for you, it will most likely appear on your account page, and not be emailed. This is an extremely common type of phishing procedure and you should teach yourself to break the habit of logging in from an email.

To avoid phishing attacks in the future, you can follow PhishTrain’s five-step process:

  • Be skeptical of all emails and be sure to examine them closely before opening any attachments.
  • Be extra careful with messages that ask you for personal information- such as passwords.
  • Take caution in downloading smartphone or desktop apps and granting these apps special permissions.
  • Keep all browsers on your device updated as companies implement anti-phishing and security software.
  • If you are unsure about the legitimacy of a message, contact the message’s source directly.

If you suspect that you have been a victim of the SafeKey phishing scam, please reach out to American Express or another company that can assist you with regaining your identity post-hack.

-Team PhishTrain