Posted on 03/14/2014 3:29:18 PM PDT by Eva
I received this email today and immediately called American Express. They said that my account was in good standing and that they did not see any problem. They did not say whether they sent the email, but the woman said that she didn't see any problem with the account.
This is the email:
Dear American Express Member
Because of unusual number of invalid login attempts on you account, we had to believe that, there might be some security problems on you account.
So we have decided to put an extra verification process to ensure your identity and your account security.
Please download the attached file and continue to the verification process and ensure your account security.
If we do not receive the appropriate account verification within 48 hours, then we will assume this American Express account is fraudulent and will be suspended.
The purpose of this verification is to ensure that your American Express account has not been fraudulently used, and to combat the fraud from our community.
We appreciate your support and understanding and thank you for your prompt attention to this matter.
Sincerely,
American Express Customer Service
When you click on the verification symbol, you get a page that asks for all the personal information for the account. I started to fill it out and then I realized that it is probably a fraud. What do you think?
Eva
This is a great free route kit, make sure you click top and check mark all the options, it will reboot your system and see if anything is hiding in your startup.
http://www.malwarebytes.org/antirootkit/
Forward the email to their fraud hotline..... http://www.americanexpress.com/us/content/fraud-protection-center.html
No "probably" about it.
First, legit companies NEVER send this kind of e-mail.
Second, real e-mails from credit card companies usually get the spelling and grammar right. Scammers almost never do, and this example is no exception.
"on you account"? Are you kidding me?
"So we have decided to put an extra verification process"... "Put" an extra verification process? Who writes like that? Be vigilant and immediately delete every e-mail like this that you receive and NEVER click a link.
Don't think these will stop; thee phishers are persistent. I get three or four emails like this a day, and they can be very imaginative.
If you have the time, you can forward the e-mails to the fraud unit of whoever they are masquerading as, in this case American Express. Often the scammers are using hijacked servers - I got one that used the servers of a small community hospital in Minnesota, for example.
Another thing you might consider is supporting the death penalty for these scum when they are caught.
Write "you" congressman.
I got an email like this once. Mousing over the link displayed a long but apparently legitimate URL. Too long to fully display. Being curious, I copied the URL to the clipboard and pasted it into an editor, so that I could see the whole thing. Turned out, the URL ended with an @-sign followed by a raw IP address, a slash, and some more gobbledygook.
The @-sign syntax is intended to allow URLs of the form:
http://userid:password@example.com/blah
IOW, the URL I was dealing with actually went to the IP address buried at the end, not to the apparent URL in the userid field. Cute.
Thats a Phishing attempt if there ever was.Don’t reply to it at all.Just Trash it.
If your really concerned just call the Customer Service number on your account and verify your account info there.
I see a lot of these messages.The one thing about them is the bastards creating these letters are getting more creative so be careful out there.
It’s a fraud. The key is that they asked for all of your personal information. American Express already knows it.
You might want to look at (or copy for people here) the full header of your email. I’ll bet it isn’t from American Express.
Amex will call you if they are concerned about an account.
Get phone calls and emails all the time claiming there’s a problem with my credit card account - always a fraud unless they request you to contact a previously established number or email address already in your possession.....
Also, if they ever do call, you will be told by the agent to call them back at the toll free number on your card. Don’t ever disuss anything on the phone during an incoming call you didn’t expect to get. Same with an email.
Oh, you poor woman. How did you manage to post this to FR? You need to disconnect you computer ... forever.
It is why I never answer anything from an email link. Always go direct to the site by inputting the company’s url or phone them.
Be safe don’t click ;)
100 percent, absolutely, positively a thief’s attempt.
IT'S A SCAM !
“Assume everything is a scam and delete, ignore, don’t worry about it. If it’s not, you’ll know.”
I agree - but I have deleted some things by people that I was supposed to get. (New contacts with a heading like “info:”) That is THEIR fault. (And yes - I do find out about them).
Other scams:
Problem with FedEx package delivery. (If I have a package enroute at the time, I go to the FedEx site to confirm.)
Got a phone call(!) from Microsoft warning me that I had a virus. (Please leave me alone and don’t call back. Guy sounded like “Peggy”).
Your PayPal account has expired.
All of those sex pill ads are legit though. Luckily I don’t need them (yet?).
I'd kill 'em twice, to just to be sure.
That right there tells you everything you need to know.
Surely you figured that out?
AmEx will not ask you to download anything.
Dump the e-mail and run a check on your computer.
You go to your email program, and under some menu item (I use Mac Mail, so it is under VIEW>>MESSAGE>>RAW SOURCE, but Outlook or any other will be different. Most give you a way to do it)
Anyway, find out how to view the headers or raw source of the email, copy and paste it into the window at the website, and click "Lookup". You get something that looks like this:
If I see ANYTHING funky, like an email from Cyprus (or Romania, etc) as in this junk mail I got, I won't open it. You can also forward your email to your company, most have a special email address you can send suspect emails to, and they will send an automated message back saying "It isn't ours" or something like that.
Most of the time, though, it is commonsense, you just have to think about it.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.