Businesses be warned: New American Express scam replicates secure website

A new email scam is doing the rounds, this time imitating an American Express email warning users of suspicious activity on their cards.

Uncovered by Mailguard, the email links to what appears to be the American Express website in order for users to “safeguard” their account. In reality, users are tricked into handing over their card details through what seems to be a legitimate interface.

This is the second email scam in recent weeks to replicate a legitimate website almost perfectly, following a scam imitating Australia Post that used up-to-date graphics and even a “Captcha” system to imply security.

This time the scammers have gone one step further, registering the domain with a free SSL certificate provider so that the fake site looks like a secure one. SSL certificates give websites the green lock symbol next to the URL along with an “https” web address.

Any website requiring payment details or other sensitive information will almost always have an SSL certificate, indicating an encrypted connection.

However, any website can get an SSL certificate, and having one does not mean the website is legitimate or that data entered into it is safe: the certificate only encrypts the connection between the browser and that site. In the past, a green lock indicated that a website was legitimate, but free certificate providers now allow any website to receive a certificate.

After entering their credit card information into the fake site linked from the scam email, the user is redirected to the legitimate American Express website.

On its website, American Express offers some tips to help users spot a fake or malicious email:

“Fake emails can often (but not always) be spotted in the following ways:

  • The sender’s email address is different from the real organisation’s website address.
  • The email is sent from a completely different address or a free webmail address.
  • The email does not use your proper name, but uses a non-specific greeting such as “Dear customer”.
  • They want you to act urgently – i.e. that unless you do something right away, your account may be closed or suspended.
  • The email contains a request for personal information such as username, password or bank details.”
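The five tips quoted above, plus the point made earlier that an https address and a lock icon say nothing about who owns the domain, can be turned into a simple mail-filter heuristic. The Python below is an added example written for this article, not code from SmartCompany, MailGuard or American Express; it goes slightly beyond the quoted list by also comparing every link's registrable domain with the brand's domain regardless of scheme. The brand domain, the webmail list, the keyword lists, the two-finding cut-off and both sample emails are constructed assumptions.

```python
"""Heuristic phishing-email check built from the spotting tips quoted in the
article.  Added example, not code from SmartCompany, MailGuard or American
Express.  The brand domain, webmail list, keyword lists and both sample
emails are constructed assumptions for the demonstration."""
import re
from email import policy
from email.parser import Parser
from urllib.parse import urlparse

ORG_DOMAIN = "americanexpress.com"  # assumed legitimate brand domain
FREE_WEBMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "dear cardholder")
URGENCY = ("immediately", "right away", "within 24 hours", "suspended", "closed")
CREDENTIALS = ("password", "username", "card number", "cvv", "security code")
URL_RE = re.compile(r"https?://[^\s\"'<>]+")


def registrable_domain(host):
    """Reduce a hostname to its last two labels.  A real filter should use a
    public-suffix list; the shortcut is enough for the .com/.example hosts here."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def sender_domain(msg):
    """Domain of the first address in From:, or '' when the header is absent."""
    hdr = msg["From"]
    return hdr.addresses[0].domain.lower() if hdr and hdr.addresses else ""


def score_email(raw, org_domain=ORG_DOMAIN):
    """Return a list of human-readable findings; an empty list means no tip fired."""
    msg = Parser(policy=policy.default).parsestr(raw)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    lower = text.lower()
    findings = []

    sdom = sender_domain(msg)
    # Tip 1: the sender's domain is not the organisation's own domain.
    if sdom and registrable_domain(sdom) != org_domain:
        findings.append(f"sender domain {sdom} is not {org_domain}")
    # Tip 2: a free webmail address.
    if sdom in FREE_WEBMAIL:
        findings.append(f"sender uses free webmail provider {sdom}")
    # Tip 3: a non-specific greeting instead of the customer's name.
    first_line = lower.strip().splitlines()[0] if lower.strip() else ""
    if first_line.startswith(GENERIC_GREETINGS):
        findings.append("generic greeting instead of the recipient's name")
    # Tip 4: pressure to act urgently.
    if any(word in lower for word in URGENCY):
        findings.append("urgency language")
    # Tip 5: a request for credentials or card details.
    if any(word in lower for word in CREDENTIALS):
        findings.append("asks for credentials or card details")
    # Links: https and a lock icon earn no credit; only the registrable
    # domain of each link is compared with the organisation's domain.
    for url in URL_RE.findall(text):
        host = urlparse(url.rstrip(".,)")).hostname or ""
        if registrable_domain(host) != org_domain:
            findings.append(f"link points to {host}, not {org_domain}")
    return findings


def is_suspicious(raw, threshold=2):
    """Flag a message once at least `threshold` findings fire (2 is an assumed cut-off)."""
    return len(score_email(raw)) >= threshold


# Constructed sample: shaped like the scam the article describes.
PHISHING = """\
From: "American Express" <alerts@amex-safeguard-login.example>
To: customer@example.net
Subject: Suspicious activity detected on your card

Dear Customer,

We noticed unusual activity on your card. Please safeguard your account
right away at https://safeguard.amex-cardverify.example/login and confirm
your card number and security code, or your account will be suspended.
"""

# Constructed sample: a routine notification that addresses the recipient
# by name and links only to the brand's own domain.
LEGITIMATE = """\
From: "American Express" <alerts@americanexpress.com>
To: jane.smith@example.net
Subject: Your statement is ready

Dear Jane Smith,

Your latest statement is available at https://www.americanexpress.com/statements
"""

if __name__ == "__main__":
    for label, sample in (("phishing", PHISHING), ("legitimate", LEGITIMATE)):
        print(label, is_suspicious(sample), score_email(sample))
```

The link check is the part that matters most for this story: the scam site presents a valid certificate and an https address, yet the function never looks at the scheme, only at whether the registrable domain is the organisation's own.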


Comments

Bonester
3 years ago

I don’t know if American Express is as sloppy with security as they were a couple of years ago, but I had several fraudulent transactions on my account one Boxing Day. It turns out that they were on an old (pre-chip) card that was replaced the previous August by the chip card with a different number. How should it be possible to make transactions on a card that should have been cancelled? They couldn’t tell me, so, as most of the places I might want to use it have a surcharge for Amex, I cancelled it. They didn’t seem at all concerned that a 20-year member was cancelling either.

The SSL Store
3 years ago

I think this has to happen. It’s shocking, but not so much that it couldn’t be expected at all. Free SSL/TLS certificates do offer the advantage of https, but they also come with a disadvantage, and that is what has been taken advantage of here. Free SSL/TLS certificates do not verify domain ownership; they are provided to everyone after just an email verification, which literally becomes a good way for attackers to trick their victims.

People should start taking serious steps towards online security and become self-sufficient enough that they don’t fall victim through silly mistakes that can easily be avoided.