I just got a phishing email that looks like it’s coming from American Express. The From and the To addresses were forged, and the real To: address was hidden. The Subject line was “Regarding a security concern”
The real To: address was a unique address given to Exact Data (exactdata.com) so it is clear that their systems were compromised and their customer’s data was propagated to cybercriminals.
Unique features to this phishing email:
The From address was a portoinrete.com address which I expect was forged, and the apparent To address was customerservice@amx.com. The email had a “Card account: Starting: 37XX” in the upper left hand corner. Credit card companies don’t use the starting digits to identify because the starting digits are all the same for a given credit card vendor. But if you weren’t paying close attention, that might convince you that it’s legit. Another thing that set it off was that they attached an html form – an “HTML Webpage Fillable Web Form” (note the ‘off’ language). I’m not opening the form to see what it looks like!
Beware! If you have any questions about emails, contact us via the “Contact Us” link below!