sb-nz logo
Story image

AMEX phishing scam uses encryption to lull users into ‘false sense of security’

27 Jan 2017

A new fake AMEX phishing attack uses tactics that lull users into a false sense of security - it creates a website that mirrors the real one – and it has an SSL certificate, says security company MailGuard

The attack first start with a phishing email that states ‘suspicious activity’ has been detected on the victim’s credit card, and that corrective action must be taken.

To make it seem more convincing, the email says the card was recently used in Texas to purchase items. For security, the charges may be declined and the victim must click a link to ‘safeguard’ their account.

That link, MailGuard says, is a convincing American Express website that mirrors the real one, but the domain is different: onlinebanking-americanexpress.com.

It also has an SSL certificate, achieved by many criminals by using a free SSL certificate provider.

The certificates make the site seem secure, but all it means is that the information sent over the fake website is encrypted.  Fooled users enter the details, which are then stolen, and are then taken to the real AMEX website.

MailGuard uncovered the email this week, and so far none of the 68 popular antivirus vendors were detecting the suspicious links.

MailGuard recommends users watch out for phishing scams by:

  • Checking the sender’s email address and comparing it to the real organisation’s website address
  • If the sender’s email is different or is sent from a free web address, it is most likely a phishing attempt
  • Checking if the greeting includes your name or a generic greeting such as “dear customer”
  • Checking if the requested account action is “urgent” or your account will be suspended or closed
  • If the email asks for personal information such as username, password, bank details or other sensitive information, it is most likely a phishing attempt.
Story image
The three-pronged security approach that confronts security breaches head-on
Having these three processes working in tandem is key to cushioning the blow of a breach - which, if insufficiently protected, can take on average 279 days to contain and costs an average of almost US$4 million.More
Story image
COVID-19 crushes fingerprint reader market
However, the biometrics market is expected to regain momentum with alternatives already beginning to find their feet.More
Story image
SOC as a Service: Fortinet’s answer to today’s network challenges
Jon McGettigan, Fortinet A/NZ Regional Director, explains how SOC as a Service can back up your current SOC team, fast-track deployments and ensure regulatory compliance.More
Story image
Why IT and HR must work together to help businesses weather the storm
Employers are striving to balance team productivity, security and employee engagement. If remote work is the new norm, it’s impossible to ignore the challenging nature of the situation, writes Gigamon manager for A/NZ George Tsoukas.More
Story image
Video: 10 Minute IT Jams - protecting data with user behaviour analytics
In this video, Forcepoint senior sales engineer and solutions architect Matthew Bant discusses the company's DLP solution, the importance of integrating compliance into security solutions, and why cybersecurity strategies should take a more people-based approach.More
Story image
Security and operations collaboration key to success post COVID-19
“We are in an ultra-hybrid world with multi-everything, and in order to successfully navigate this landscape, ITOps, DevOps, and SecOps teams need to more closely align."More