The fake American Express email message below, which appears to be a security report alert that claims the recipients should secure their accounts by validating and updating them, is just one of the many phishing scams created by cybercriminals to trick American Express customers into clicking on the link within it. The link goes to a phishing website (a fake American Express website) that steals online account credentials when visitors attempt to sign into it.
American Express cardholders are asked never to click on a link in an email message to access to their accounts. They should instead, go directly to American Express website (www.americanexpress.com) and sign into their accounts from there. If there is something wrong or there is something that they need to with their accounts or cards, they will be notified after signing in.
The "American Express Security Report Notification" Scam
Subject: Re: A recent security concern requires your attention
Date: Tuesday, March 6, 2018, 11:04 AM
From: American Express <AmericanExpress@aexpmail.com> wrote:
CardMember Alert
American Express logo
In regards to Primary Cardmember
Cards
Travels
Business
We are writing to let you know that there is a recent security report for your American Express(R) Account(s) . At time of report diligency, We ran into problem validating your profile.
In view of this, Cardmember information needs to be updated and your mandatory effort is required.
WHAT IS REQUIRED
To proceed, An attached HTML Fillable Web Form is sent with this message.
- See Attached Information Form, Download and Open to Continue.
- Finish steps by filling out the Form.
Thank you for your Card Membership.
American Express Customer Care
Privacy Statement
Update Your Email
Message information is included above to help you recognize this as a customer care e-mail from American Express. We kindly ask you not to reply to this e-mail directly as messages are being sent from an unmonitored e-mail address.
© 2018 American Express. All rights reserved.