Strange Email from Amex
#1
A FlyerTalk Posting Legend
Original Poster
Join Date: Sep 2002
Location: LAX/TPE
Programs: United 1K, JAL Sapphire, SPG Lifetime Platinum, National Executive Elite, Hertz PC, Avis PC
Posts: 42,211
Strange Email from Amex
I've been receiving these emails for the past few days with a HTML attachment that I've obviously never opened or downloaded. I suspect it's spam, but I was curious if anyone else has ever received something similar:
The sender is [email protected] but it's actually showing as American Express [email protected] which seems to indicate a spam/phishing attempt.
The sender is [email protected] but it's actually showing as American Express [email protected] which seems to indicate a spam/phishing attempt.
Dear Cardmember,
To meet government guidelines that prevent money laundering and terrorist financing, financial institutions must maintain current information about their customers. Therefore, we are requesting that our customers update their profiles.
For this reason, new charges on your accounts may be declined, we advise you start your update right away.
To start, An attached HTML Webpage Fillable Web Form is sent with this message.
- See Attached Form, Download and Open to Continue.
- This has been uniquely Prefilled for you.
- You’ll need to complete some steps to ensure the security of your account.
- Finish steps by filling out the Form.
Your prompt response regarding this matter is appreciated.
Sincerely,
American Express Customer Service
To meet government guidelines that prevent money laundering and terrorist financing, financial institutions must maintain current information about their customers. Therefore, we are requesting that our customers update their profiles.
For this reason, new charges on your accounts may be declined, we advise you start your update right away.
To start, An attached HTML Webpage Fillable Web Form is sent with this message.
- See Attached Form, Download and Open to Continue.
- This has been uniquely Prefilled for you.
- You’ll need to complete some steps to ensure the security of your account.
- Finish steps by filling out the Form.
Your prompt response regarding this matter is appreciated.
Sincerely,
American Express Customer Service
#3
A FlyerTalk Posting Legend
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,413
I agree that you should report this to AmEx (and also watch for suspicious account activity, especially assuming if they used the email address attached to your AmEx account(s)).
#4
Moderator
Join Date: Jun 2003
Location: Miami, Mpls & London
Programs: AA & Marriott Perpetual Platinum; DL & HH Gold
Posts: 48,958
#8
Suspended
Join Date: Aug 2010
Location: DCA
Programs: UA US CO AA DL FL
Posts: 50,262
The entire goal of phishing emails is to get you to act quickly.
Anytime you are asked to download or clock through, your immediate reaction ought to be to call (the number on your card, not a number listed on the email).
If by some chance this happened to be a poorly-done but legitimate requirement, you would then learn that from your call.
Anytime you are asked to download or clock through, your immediate reaction ought to be to call (the number on your card, not a number listed on the email).
If by some chance this happened to be a poorly-done but legitimate requirement, you would then learn that from your call.
#10
Moderator
Join Date: Jun 2003
Location: Miami, Mpls & London
Programs: AA & Marriott Perpetual Platinum; DL & HH Gold
Posts: 48,958
#11
Join Date: Mar 2012
Location: Boulder
Programs: AA Plat, CX Silver
Posts: 2,361
Mostly the infosec team want to arm themselves for when they go lecture the marketing department (or whoever) about their bad security practices.
#12
Join Date: Mar 2005
Location: Tampa
Programs: UA 1K; PC RA
Posts: 93
I've been receiving these emails for the past few days with a HTML attachment that I've obviously never opened or downloaded. I suspect it's spam, but I was curious if anyone else has ever received something similar:
The sender is [email protected] but it's actually showing as American Express [email protected] which seems to indicate a spam/phishing attempt.
The sender is [email protected] but it's actually showing as American Express [email protected] which seems to indicate a spam/phishing attempt.
I received the same email over the weekend, and from analyzing its headers, and using compartmentalized email addresses, it appears that whoever sent this got my individualized email address from a FL Department of Corporations filing. There may have been a leak from there (or it was an inside harvesting job).
Perhaps as a Florida resident, you have in the past filed something with the same guys and were harvested the same way.
Just guessing...