American Express Membership Rewards - Amex email links to spam site

I received an email from American Express that said, in part, this:

For Your Security:
Cardmember: [PTRAVEL] (obviously, I've deleted my real name and info]
Account Ending: [xxxxx]

================================================== =========
Discover all the places your Card fits into your life.
Start exploring at:
http://email.americanexpress.com/a/[code deleted]
================================================== =========

Dear PTRAVEL,

Your American Express(R) Platinum Card has dozens of
useful features built-in, including new tools that can
help you manage your finances.


At yourcardfeatures.com/platinum you'll discover how
to get the most out of your Card, and perhaps uncover
a few surprises.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~
Visit:
http://email.americanexpress.com/a/[code deleted]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~


Both of those links took me to one of those "place holder" fake search sites, complete with automatic-opening windows, spamming a variety of things completely unrelated to Amex.

I'm curious -- is someone sending out Amex phishing emails that INCLUDE card holder names and the last 5 digits of the account number? Did Amex just screw up?

Strange.

You probably just haven't opted-out of "share my information with third-parties" for your E-mail, is all.

You probably just haven't opted-out of "share my information with third-parties" for your E-mail, is all.This was an Amex email about some of the features of the Platinum card. The linked sight is clearly not a third-party Amex partner. It is a cybersquatter, pure and simple.

This was an Amex email about some of the features of the Platinum card. The linked sight is clearly not a third-party Amex partner. It is a cybersquatter, pure and simple.

What is the site that you end up on when clicking the link? Is there an @ symbol in the "code" that you describe?

I don't see how a cybersquatter can be controlling email.americanexpress.com since it is a sub-domain of americanexpress.com and that is still registered to the real AmEx.

My guess is that there is a typo somewhere in the "redirect" that is encoded in the link you have, making the redirect go to some other site, not to something that AmEx controls.

What is the site that you end up on when clicking the link? Is there an @ symbol in the "code" that you describe?There is no @ symbol in the code -- it's all alphabetic.

I've noticed that, when I view the email as HTML, those links don't appear -- only when viewed as plain text. I think what may have happened is that amex dropped the particular link but is using old emails as templates for new ones.

I don't see how a cybersquatter can be controlling email.americanexpress.com since it is a sub-domain of americanexpress.com and that is still registered to the real AmEx.I can only tell you what is there. I've sued enough cybersquatters to recognize a bogus search page when I see one.

My guess is that there is a typo somewhere in the "redirect" that is encoded in the link you have, making the redirect go to some other site, not to something that AmEx controls.That makes sense, too.

I don't doubt you that the site you're being redirected to is junk. I just doubt that the site is actually within the americanexpress.com namespace. That is why I asked what the URL is for the actual site that you end up on.

As for the difference between the HTML and plain text version of the email, are there any links at all in the HTML version? Are they different than the plain text ones?

I don't doubt you that the site you're being redirected to is junk. I just doubt that the site is actually within the americanexpress.com namespace. That is why I asked what the URL is for the actual site that you end up on.

As for the difference between the HTML and plain text version of the email, are there any links at all in the HTML version? Are they different than the plain text ones?There's only one link in the HTML version and it goes to where it should, i.e. an Amex site on some of the benefits available to Plats.

I called Amex and explained what happened. They asked me to forward the email to them, which I've done.