* Scam Of The Week: Fake AmEx "Security Verification"
Phishing attacks come in waves. Old ones get "refurbished" and sent out again after several months. Shiny new ones are cooked up all the time. Sometimes you see hybrids of old and new, and that is what is doing the rounds at the moment. Remind all employees that they need to delete these types of phishing attacks, (and not click on any unsubscribe
links either!)
The attack tries to make recipients open the file in the attachment and fill out a detailed screen. The email claims to be a notification about a "Membership Security Verification," and warns the recipient that a "slight error" has been detected in their AmEx accounts. To correct the error and prevent their account from getting shut down in the next 48 hours - the recipient is urged to download the attached HTML file, open it in a browser and fill out a boatload of information.
[caption id="" align="alignleft" width="400" caption="Fake AmEx "Security Verification""]![Fake AmEx]()
[/caption]
As you can see in this screenshot, the criminals go whole hog and want it all: username, address, home and work telephone numbers, SSN#, mother's maiden name and date of birth, users' date of birth, AmEx credit card number, expiry date, card security code, ATM PIN, email address and the password for it. Obviously all this submitted data gets
sent to the criminal mothership and sold to the highest bidder!
Phishing attacks come in waves. Old ones get "refurbished" and sent out again after several months. Shiny new ones are cooked up all the time. Sometimes you see hybrids of old and new, and that is what is doing the rounds at the moment. Remind all employees that they need to delete these types of phishing attacks, (and not click on any unsubscribe
links either!)
The attack tries to make recipients open the file in the attachment and fill out a detailed screen. The email claims to be a notification about a "Membership Security Verification," and warns the recipient that a "slight error" has been detected in their AmEx accounts. To correct the error and prevent their account from getting shut down in the next 48 hours - the recipient is urged to download the attached HTML file, open it in a browser and fill out a boatload of information.
[caption id="" align="alignleft" width="400" caption="Fake AmEx "Security Verification""]
As you can see in this screenshot, the criminals go whole hog and want it all: username, address, home and work telephone numbers, SSN#, mother's maiden name and date of birth, users' date of birth, AmEx credit card number, expiry date, card security code, ATM PIN, email address and the password for it. Obviously all this submitted data gets
sent to the criminal mothership and sold to the highest bidder!
