A new email scam is doing the rounds, this time
imitating an American Express email warning users of suspicious activity on
their cards.
Uncovered by Mailguard, the email links to what appears to be
the American Express website in order for users to “safeguard” their account.
In reality, users are tricked into handing over their card details through what
seems to be a legitimate interface.
This is the second email scam in recent weeks to perfectly
replicate a legitimate website, following a scam imitating Australia Post that used up-to-date graphics and even a
“Captcha” system to imply security.
This time scammers have gone one step further,
registering the domain with a free SSL certificate provider in order to further
imitate a secure website. SSL certificates give websites the green lock symbol
next to the URL along with an “https” web address.
Any website requiring payment details or other
sensitive information will almost always have an SSL certificate, indicating an
encrypted connection.
However, any website can get an SSL certificate,
and having one does not mean the website is legitimate or that the data entered there is safe. In
the past, a green lock was taken as a sign that a website was legitimate, but recent
changes now allow any website to receive a free SSL certificate.
After entering their credit card information
through this scam email, the user is directed back to the legitimate American
Express website.
On its website, American Express offers users some tips
for spotting a fake or malicious email:
“Fake emails can often (but not always) be spotted in the following ways:
· The sender’s email address is different from the real organisation’s website address.
· The email is sent from a completely different address or a free webmail address.
· The email does not use your proper name, but uses a non-specific greeting such as “Dear customer”.
· They want you to act urgently – i.e. that unless you do something right away, your account may be closed or suspended.
· The email contains a request for personal information such as username, password or bank details.”
Source: SmartCompany
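As an added example, not part of the SmartCompany article or American Express's own tooling: a Python function that applies the five warning signs quoted above to a raw email message. The legitimate-domain set, the webmail list, the greeting and urgency wordlists, and the sample messages are all constructed assumptions for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed for this example: domains the real organisation sends from.
LEGITIMATE_DOMAINS = {"americanexpress.com"}
FREE_WEBMAIL = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "dear cardholder")
URGENCY = ("immediately", "right away", "within 24 hours", "will be suspended", "will be closed")
SENSITIVE = ("password", "username", "card number", "cvv", "bank details", "account number")


def check_email(raw):
    """Return the list of warning signs (from the Amex tips) found in a raw RFC 822 message."""
    msg = message_from_string(raw)
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body = msg.get_payload()
    text = body.lower()
    first_line = next((l.strip().lower() for l in body.splitlines() if l.strip()), "")
    flags = []
    if domain and domain not in LEGITIMATE_DOMAINS:
        flags.append("sender domain differs from organisation's domain")
    if domain in FREE_WEBMAIL:
        flags.append("sent from free webmail address")
    if any(first_line.startswith(g) for g in GENERIC_GREETINGS):
        flags.append("non-specific greeting")
    if any(u in text for u in URGENCY):
        flags.append("urgent call to action")
    if any(s in text for s in SENSITIVE):
        flags.append("requests personal information")
    return flags


# Constructed sample phishing message (domain and URL are placeholders, not real indicators).
SAMPLE_PHISH = """\
From: "American Express" <security-alert@amex-verify.example>
To: victim@example.net
Subject: Suspicious activity detected on your card

Dear Customer,

We detected unusual activity on your card. Please verify your account
immediately or it will be suspended. Confirm your card number, CVV and
online password at https://amex-verify.example/ to safeguard your account.
"""

# Constructed sample of a message that trips none of the checks.
SAMPLE_LEGIT = """\
From: "American Express" <alerts@americanexpress.com>
To: jane.smith@example.net
Subject: Your statement is ready

Dear Jane Smith,

Your statement for March is now available to view online.
"""
```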