What is Phishing? | How to Spot Email Scams

Protect yourself from phishing

What is Phishing?

Spotting a scam

Protect yourself

Other types of fraud

What's a phishing email?

Phishing emails are messages made to look as though

they were sent from a bank, credit card company or

another trusted organization.

The emails usually contain a malicious link or attachment.

What do they contain?

Fraudsters will typically try to trick you into clicking a link through to a fake website. For example, you may be told that if you don't follow the link and update your password, your account will be suspended.

Once on the fake site, you could be asked to enter sensitive information such as your log-in details, password or account number. Like the phishing email, the site will look genuine but it's not.

How can I spot a Phishing email?

If you think you might have received a phishing email from American Express,

the first thing to do is check the email address it came from.

We will normally email you from the following addresses:

_{@americanexpress.com @aexpfeedback.com @aexp.com}

_{@email.americanexpress.com @welcome.aexp.com @welcome.americanexpress.com}

_{@americnexpress.co.in}

If we're emailing you about your Account, the message will usually also contain

your first name and the last few digits of your Account number.

Other ways to spot a phishing email

• The sender calls you something general like “customer” instead of your name.

• They want you to act urgently. For example, they might tell you that unless you do
something right away, your account may be closed.

• They want you to open an attachment you weren’t expecting.

• The email contains spelling and grammar mistakes.

• The email is sent from a different address or a free website address.

• They ask for personal information such as your username, password or bank details.

• To check the authenticity of the destination, hover the cursor over the URL to verify the desired destination.

• Call the sender directly to verify email, do not reply to email if you believe it's suspicious.

Reporting email scams

If you think an email looks like a phishing attempt, forward it to
Phishing@americanexpress.co.in as soon as you can.

Please do not include your Account number in the email.

If you think your American Express^® Account information has
been compromised, give us a call straight away.

link1

How to help protect yourself against scam emails

• Don’t give out your Card details, log in details, PIN or password.

• Keep your antivirus software, firewall and security patches up-to-date.

• Don’t reply to emails from unknown sources, nor should you open their
attachments or click on any links.

• Make sure your email system’s spam filter is switched on. Most can be

set to allow emails from trusted sources and block those from untrusted

sources.

Phone Scams

Fraudsters may also try to obtain your details over the phone - a process often known as vishing. This is a form of social engineering, which means obtaining sensitive information from people through deception and manipulation.

Be cautious of anyone asking for your personal information. Beware of fraudulent callers posing as American Express employees that request your Card details by offering a free upgrade on your existing American Express Card or to refresh your Know Your Customer (KYC) details in your e-wallet. Do not click on suspicious links sent by him/her. They may mirror your device or mobile sim to steal confidential information such as One Time Passwords (OTPs).

Please do not share any PIN, Password, OTP, Login ID, credit card details etc. American Express will never ask you for your account detials by email or phone, so any unsolicited call/SMS should be treated as suspicious. We only ask for security questions just to confirm your identity but would normally only ask for partial answers, so your personal information isn't revealed.

Fraudsters using Toll Free Numbers

Fraudsters have identified new ways of doing frauds.

They use toll free numbers similar to those of Banks and register these under name of the Bank. Consequently, a customer might not be able to be able to identify a fraudulent number from a genuine one. The customer may end up sharing his/her credentials which can lead to fraud on the card.

Hence, we advise you to never share your confidential information with anyone through any unsolicited calls

If you have any concerns, please call the number on the back of the Card immediately..

SMS Phishing

Fraudsters may send you a text message that asks you to confirm your Account details. You can spot them in the same ways you can spot a phishing email. Contact us straight away if something seems suspicious.

Bin-raiding

The oldest trick in the book – digging through your trash bin to find personal details and account information. Fraudsters still do this, even in the digital age, so stay on the safe side by thoroughly shredding bank statements and any other documents that contain sensitive information.