Email Fraud Alert – Example of Fraudulent E-Mail
As an example of a phishing e-mail, please note some of our customers reported receiving the following e-mail, which is known to be a hoax.
Approximate date the e-mail hoax was sent: December 13, 2008 and October 20, 2008
Address appearing in "Sender" line: American Express and AmericanExpress@email2.americanexpress.com
Some examples of the "Subject" line being used in this scam include:
American Express: security maintenance
American Express: new online security measures
American Express: data confirmation
American Express security upgrade
Content of the e-mail:
“As part of the new security measures, all American Express Card holders are required to complete American Express Customer Form.” A link takes Cardmembers to an online form that asks for their American Express Card number, as well as other sensitive security information.
If you have received and/or responded to an e-mail of this nature, purportedly from American Express, please see instructions below.
American Express Protects Your Privacy and Personal Information
American Express takes your privacy very seriously. Should our name be used in efforts to fraudulently obtain personal information, we will work aggressively to halt those operations. In addition, it is important to know that American Express never sends e-mails requesting customers to reply in the body of an e-mail with personal information, such as password, social security number, account numbers, mother's maiden name, etc.
Phishing (pronounced "fishing") refers to fraudulent communications designed to deceive consumers into divulging personal, financial, or account information, including account user name and password, credit card information, and social security number. E-mail is most commonly used for phishing due to its low cost, greater anonymity for the sender, the ability to reach a large target group instantly, and the potential to solicit an immediate response. However, fraudsters have also used online pop-up windows, direct mail and phone calls.
Phishing e-mails often appear to come from legitimate financial institutions, insurance companies or retailers. Techniques such as a false "from" address, the use of seemingly authentic logos from financial institutions, or Web links and graphics may be used to mislead consumers into believing that they are dealing with a legitimate request for personal information. These fraudulent e-mails often create a false sense of urgency intended to provoke the recipient to take immediate action; for example, phishing e-mails frequently instruct recipients to "validate" or "update" account information or face cancellation.
If you receive an e-mail that you believe could be fraudulent, please contact American Express and your issuing back as follows:
If you have already responded to an e-mail with your American Express account information and you believe it to be fraudulent, please contact Customer Service immediately by calling the number on the back of your Card. Also, make sure that you immediately change any passwords and continue to monitor your account activities.
Keep all your financial details safe and secure. Here’s what you can do to help minimize the risk of fraud.
• Never let anyone else use your debit, credit or charge cards
• Immediately sign the back of new cards
• Always destroy old, expired cards by cutting them up
• Let us know immediately if you've lost your Card, or think it may be stolen. We will then be able to cancel the Card and prevent fraudulent transactions.
Protect your PIN
• Never keep your PIN in your wallet, purse or diary, or record it in a way that others could understand
• Do not tell anyone else your PIN, password or security information
• Always try to cover your hand when entering your PIN at a terminal or ATM to prevent others seeing your number
Shop wisely online
• When shopping online, only use "secure" web pages. A web page is secure if there is a locked padlock in the lower right-hand corner of your browser or if the address starts with 'https', where the 's' stands for secure.
Review your statements regularly
• Keep copies of your receipts and compare them to your statement
• Call your card issuer as soon as possible if an unrecognized charge or charges appear on one of your statements
• When no longer required, make sure you destroy or securely dispose any unwanted statements
• Checking your statements is easy to do with online services - you can check your transactions daily. Or register for card alerts to monitor your account activity, with weekly account balance updates by email or text message
Protect yourself from identity theft
• Safeguard all your personal information and documents, especially your date of birth - this information can be used to steal your identity
• Tear up or shred any sensitive information from financial organizations or utility companies when no longer needed
• Review your credit reference report regularly; this may be the earliest way to identify fraudulent activity when you are the victim identity theft
Copyright 2008 American Express Company.
All Rights Reserved