Received this credit card alert recently? It's a phishing email!

Phishing emails can be convincing if you don’t know what to look for. Scammers send out massive numbers of phishing attempts, hoping that they can fool us into giving away our personal information and our money.

It seems like we are in a never-ending battle against these types of attacks. Remember, it only takes one successful phishing attempt and your entire identity may be stolen forever! This is why it’s extremely important not to let your guard down.

We recently told you about this massive Netflix phishing scam that’s currently making the rounds. But now, customers of a major credit card company need to be extra careful of this new phishing campaign.

New AmEx phishing scam

A new email phishing campaign was spotted by myonlinesecurity.co.uk and it is targeting American Express customers by claiming that there is a security error on your account.

The tricky part is that this scam was designed to elude anti-phishing tools and security software so you have to keep your guard up to avoid getting duped.

Here’s what to watch out for. BleepingComputer stated that this current campaign uses email subject lines like:

  • “Notice Concerning your CardMember Account”
  • “Reminder – We’ve issued a security concern (Action Required)”
  • “REMINDER: A concern that requires your action”

Another reason these types of fake emails are hard to spot is due to the way mobile email clients only display names in their “From:” fields and not the entire email address.

As such, the phishing emails appear to be coming from mail domains that spoof or mimic legitimate American Express accounts.

From: addresses to watch out for include AmExpress@amnex.com, AmericanExpress@ampress.com and AmericanExpress@aemail.com. Notice that all of these look similar to the official American Express and Amnex.com domains.

Here’s what the phishing emails look like

Here’s an example of the current American Express phishing scam (courtesy of myonlinesecurity.co.uk):

Similar to other phishing scams, this fake American Express email has a malicious html attachment that runs a script from a remote website.

The script then proceeds to display an online validation form that will ask for your sensitive information including your American Express account credentials, credit card number, security code, expiration date and even your mother’s maiden name, date and place of birth and your first elementary school.

Yep, it’s everything an identity thief will ever need to take over your identity.

Once submitted, the data is sent to the scammer’s remote host but you are redirected to a legitimate americanexpress.com page that displays “Thank you for your feedback.” Note: Dumping a victim to the real website of the spoofed company after their information is compromised is a very common phishing tactic these days.

Click here to read myonlinesecurity’s full report.

How to protect yourself from these fake emails

In case you haven’t noticed, all these sophisticated phishing attacks rely on social engineering tricks to scare you into clicking an attachment or a link.

Remember, financial companies will never request your sensitive information via an attached form. If you receive any type of “security alert” or “account verification” email that appears to be coming from your bank that includes an attachment, don’t fall for it! Never open the attachment or link!

If you’re concerned, contact your bank via its customer service phone number (typically located on the back of your banking card) and ask them directly.

Additionally, report phishing attempts by contacting the FTC. Send an email to spam@uce.gov or visit ftc.gov/complaint. You can also email reportphising@apwg.org, used by the Anti-Phishing Working Group. Visit American Express’s security center for more information.

If you're a Netflix subscriber, watch out for this phishing scam

Don’t cybercriminals ever get sick of phishing scams? They are constantly using fake emails or texts to trick us into giving them our logins, personal information or even credit card numbers and wreak havoc on our lives. Well, they are at it again using people’s trust in Netflix to do just that. Here is what to look out for.

Continue reading

Watch out for royal baby scams

Open/download audioPrince Harry and his wife Meghan Markle, that’s the Duke and Duchess of Sussex to you peasant, had their first child yesterday. The infant may not have a name yet, but he’s already become a tool for online scammers.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Personal info of 500,000 school district staffers, students stolen by hacker

Throughout 2018, it seems like we have seen one hack after another. We are constantly hearing about the latest data breach, hack or scam. Well, the year isn’t over and neither are the hacks. This latest one is shocking, though, because instead of targeting big businesses or gullible individuals this one went after our kids by hacking a school district. Will this ever stop?

Continue reading

If you have an Apple ID, you may have been hacked

If you have an Apple device, you already know what Apple ID is. In fact, you know it very well because you have to use your Apple ID quite frequently to sign into your devices and to log in to the App Store or iTunes. Recently, there seems to be a hack that has targeted Apple IDs and locking users out. Here is what to do if you have already been hacked, and if not, how to protect yourself.

Continue reading

Ex-director of FBI, CIA takes on a phone scammer

Open/download audioRobocalls and phone scammers are getting worse. Most are merely annoying but some can be terrifying, like the scammer who threatened to kill Lynda and William Webster. Webster’s name may sound familiar: He’s the former head of the FBI and CIA. Plus hear some creative and hilarious ways people are getting even with robocalls, and learn tips you can use today.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Watch out: Scammers are now targeting your paycheck

Open/download audioThe days of Nigerian princes trying to con people out of hundreds of thousands of dollars seem like a fond memory now. Scammers aren’t asking for a lot of money, but they are getting more dangerous. There’s a scary new phishing scam that’s out to steal your paycheck. 

Learn more about your ad choices. Visit megaphone.fm/adchoices

Watch out for tax season scammers

Open/download audioAs you prepare to do your taxes, beware of online scams. Before you download any tax software, listen to Kim’s advice on what to watch out for to keep your data and your money safe.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Kim's Opinion: Revealed! The biggest phishing spoofed companies and busiest phishing days

We all know to watch out for email phishing scams. But what are the top brands spoofed by scammers and what are the most popular days they send out a bogus email?

The answers will surprise you.

Continue reading

Revealed! The biggest phishing spoofed companies and busiest phishing days

Open/download audioScammers use phishing emails constantly to try and steal your data and your money. They use popular brand names so that we think we are receiving emails from those companies. In this episode of Consumer Tech Update, Kim looks at the top company brands that scammers use as well as what days of the week scammers like to send these phishing emails.

Learn more about your ad choices. Visit megaphone.fm/adchoices

7 ways to get your unclaimed money even if you checked before

There’s something attractive about the idea of buried treasure. And that’s how it feels when you find unclaimed money just lying around waiting for you to claim it. Here are some free places to search to find money that belongs to you.

Continue reading

Don't fall for this latest viral Facebook scam

How many times can Facebook breach our trust before we finally walk away from the site for good? The social networking giant appears to be teflon when it comes to the number of mess-ups it can get away with.

Continue reading

Use Google for a reverse phone lookup

In a world full of spam and robo-calls, most of us look at an unknown number on our cell phones with a healthy dose of suspicion. What will happen if you answer? Will it be a legitimate call like an appointment reminder, or is it someone looking to scam you out of your money or personal information?

Continue reading

Beware! There's another new twist in this scary email scam

New ways crooks are using ATMs to empty your bank account

Open/download audioAnytime you swipe your credit or debit card, you are putting your money at risk. Hackers and scammers have gotten more sophisticated. In this free Komando on Demand podcast, I will tell you how to spot the skimmers and shimmers.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Top online vacation scams and how to avoid them

Open/download audioAs you head out for vacation, you can bet that scammers are working hard to snag your hard earned money. Here are the most important things you should do before booking a rental.

Learn more about your ad choices. Visit megaphone.fm/adchoices

Watch out! Clever spyware is spreading on porn sites

This file type is the most used in cyberattacks

Phishing emails with malicious attachments or links are a favorite of the cybercriminal. These types of attacks can be a very effective tool for fraudsters, especially in tricking the untrained eye. But among all the file types that can be used for duping potential victims, this well-known format is the most popular for cyberattacks. Read on and you might be surprised.

Continue reading

Watch out! Clever Amazon delivery scam spreading all over the country

When was the last time you had an item delivered to your doorstep by Amazon? If your answer is recently, please read on. There is a new, clever scam targeting Amazon customers and people all over the U.S. are falling for it. Don’t be one of the victims! I’ll tell you what to look for.

Continue reading

DO NOT donate to Hurricane Harvey charities until you listen to this podcast

Open/download audioFake charities and donation scams are on the rise in the aftermath of disasters. Scammers take advantage of public goodwill and steal billions of dollars from people who want to help. In this Komando on Demand podcast, I’ll tell you how to protect yourself and your loved ones from these crooks, while still providing aid to those in need.

Learn more about your ad choices. Visit megaphone.fm/adchoices