Bogus AmEx notification leads to thorough phishing
Posted on 24 July 2013.
American Express-themed phishing emails are never out of circulation, but it pays to know which new (or recycled) angle is being used at the moment.

The latest one to hit inboxes is a bogus "America Express Online Security Service Notification", which urges users to follow the offered link and verify their access to their online banking account, because "failure to adhere may affect your online banking access in the future."

The link will take potential victims to a page sporting the AmEx logo and a form into which they are expected to enter their name, date of birth, address, card number, expiration date, PIN and CSC number, their AmEx user ID and password, and their email address and associated password:



All this information is more than enough for the scammers to be able to empty the victims' bank account, hijack their email account, and impersonate them in other ways.

"American Express would never send an unsolicited email asking customers to click a link to update account details. And, genuine American Express emails will always greet customers by their names. It will never use generic greetings such as 'Dear Customer'," points out Hoax-Slayer. "It is always safest to access all of your online accounts by typing the account address into your browser's address bar rather than by clicking an email link.









Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //