
AMEX phishing scam uses encryption to lull users into ‘false sense of security’

27 Jan 2017

A new fake AMEX phishing attack lulls users into a false sense of security: it creates a website that mirrors the real one, and the site has an SSL certificate, says security company MailGuard.

The attack starts with a phishing email that states ‘suspicious activity’ has been detected on the victim’s credit card and that corrective action must be taken.

To make it seem more convincing, the email says the card was recently used in Texas to purchase items. It adds that, for security, the charges may be declined and that the victim must click a link to ‘safeguard’ their account.

That link, MailGuard says, leads to a convincing American Express website that mirrors the real one, but the domain is different: onlinebanking-americanexpress.com.

The site also has an SSL certificate, which many criminals obtain from a free SSL certificate provider.

The certificate makes the site seem secure, but all it means is that the information sent to the fake website is encrypted. Fooled users enter their details, which are stolen, and are then taken to the real AMEX website.

MailGuard uncovered the email this week, and so far none of the 68 popular antivirus vendors were detecting the suspicious links.

MailGuard recommends users watch out for phishing scams by:

  • Checking the sender’s email address and comparing it to the real organisation’s website address
  • If the sender’s email is different or is sent from a free web address, it is most likely a phishing attempt
  • Checking if the greeting includes your name or a generic greeting such as “dear customer”
  • Checking if the requested account action is “urgent” or your account will be suspended or closed
  • If the email asks for personal information such as username, password, bank details or other sensitive information, it is most likely a phishing attempt.
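
The address checks above can be automated at a mail gateway or in triage. The following is an added example, not code from MailGuard or from this article: the function names, the allow-list and the free-webmail list are assumptions, and only the lookalike domain comes from the report. It judges a link by who owns the domain and ignores whether the link uses HTTPS.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumptions for this example: the defender maintains these lists.
LEGIT_DOMAINS = {"americanexpress.com"}
BRAND_TOKENS = ("americanexpress", "amex")
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}  # constructed sample list


def registrable_domain(host):
    """Naive eTLD+1 (last two labels); production code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def classify_link(url):
    """Judge a link by who owns the domain. The scheme is ignored on purpose:
    https only means the connection is encrypted, not that the site is genuine."""
    host = urlsplit(url).hostname or ""
    if not host:
        return "invalid"
    if registrable_domain(host) in LEGIT_DOMAINS:
        return "legitimate"
    # Brand name present in the hostname, but the domain is not the brand's.
    squashed = host.lower().replace("-", "").replace(".", "")
    if any(token in squashed for token in BRAND_TOKENS):
        return "lookalike"
    return "unrelated"


def classify_sender(from_header):
    """Compare the From address with the organisation's real domain.
    A match is necessary, not sufficient: the From header can be forged."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return "invalid"
    domain = addr.rpartition("@")[2].lower()
    if registrable_domain(domain) in LEGIT_DOMAINS:
        return "legitimate"
    return "free-webmail" if domain in FREE_MAIL else "mismatch"


if __name__ == "__main__":
    # Constructed samples; only the lookalike domain comes from the article.
    for url in ("https://onlinebanking-americanexpress.com/login",
                "https://www.americanexpress.com/"):
        print(url, "->", classify_link(url))
    print(classify_sender('"American Express" <alerts@gmail.com>'))
```

Substring matching on brand tokens will over-flag some unrelated hostnames, so a "lookalike" verdict is a reason to quarantine or review, not proof of phishing.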