A new form of phishing attack has recently targeted Amex cardholders and is more sophisticated than what experts have seen in the past. A phishing attack can arrive via email, text, social media message or even as a phone call and appears to be coming from someone you know (a person in your contact list or a company that you regularly interact with, such as your financial institution). According to the Identity Theft Resource Center, “the link embedded in the current American Express phishing attack comes via email and is two different parts. This way the hacker can insert malicious code into the link while also confusing the recipient’s antivirus software. Instead of warning about a harmful link, the software does not recognize it as malicious.”
How can you tell if an email is a phishing scam? The Amex email itself was very typical of a phishing attack – it was filled with grammatical errors including spelling and punctuation mistakes. Along with being on the lookout for language errors, here are some additional tips to keep in mind:
– Verify that the information is legitimate. If an email comes from your supervisor, call them and make sure. If an email comes from a company that you regularly do business with, ignore it and go directly to their website and check your account.
– Don’t click on a link or download an attachment from an email or message that you aren’t expecting.
– Double-check the sender’s address or the website address. For example, if it says, “AmazOn.com,” it is probably fake.
– Remember that caller ID is not trustworthy.
If you think you have received an American Express phishing email, don’t click on any of the links. The company suggests that you forward it to email@example.com so they can act to close down the phishing link. After the email is forwarded, delete it from your inbox.
Please call Guard Well Member Services at 888.966.4827 (GUARD) or email firstname.lastname@example.org if you feel you have been a victim of identity theft. We are always available for you – 24/7/365.