American Express 'Personal Security Key' Phishing Scam
Posted by: Timothy Tibbetts on 02/26/2014 09:33 AM
[
Comments
]
An email is making the rounds claiming to come from American Express instructing you to visit their website and create a Personal Security Key (PSK) as an account authentication measure.
The emails and websites used look like the real deal and it’s easy to be tricked.
Don’t click links in email.
Don’t click links in email.
Don’t click links in email.
In this case, if you do follow the link, the criminals are looking to get your account information or better yet, your credit card information.
The email will read:
“Important: Personal Key
Please create your Personal Security Key. Personal Security Key (PSK) is one of several authentication measures we utilize to ensure we are conducting business with you, and only you, when you contact us for assistance.
American Express uses 128-bit Secure Sockets Layer (SSL) technology. This means that when you are on our secured website the data transferred between American Express and you is encrypted and cannot be viewed by any other party. The security of your personal information is of the utmost importance to American Express, please click here or visit our website at [removed] to create your PSK (Personal Security Key).
Note: You will be redirected to a secure encrypted website.
Thank you,
American Express
Your Card Member information is included in the upper-right corner to help you recognize this as a customer service e-mail from American Express. To learn more about e-mail security or report a suspicious e-mail, please visit us at americanexpress.com/phishing. We kindly ask you not to reply to this e-mail but instead contact us via customer service.”
Luckily, the website has been taken down but creating a new website is simple and most likely will be back online somewhere else very soon.
American Express also has a security center with information on phishing, phone phishing and even dumpster diving. Yes, dumpster diving. Always shred any personal information. Check it out at https://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html
The emails and websites used look like the real deal and it’s easy to be tricked.
Don’t click links in email.
Don’t click links in email.
Don’t click links in email.
In this case, if you do follow the link, the criminals are looking to get your account information or better yet, your credit card information.
The email will read:
“Important: Personal Key
Please create your Personal Security Key. Personal Security Key (PSK) is one of several authentication measures we utilize to ensure we are conducting business with you, and only you, when you contact us for assistance.
American Express uses 128-bit Secure Sockets Layer (SSL) technology. This means that when you are on our secured website the data transferred between American Express and you is encrypted and cannot be viewed by any other party. The security of your personal information is of the utmost importance to American Express, please click here or visit our website at [removed] to create your PSK (Personal Security Key).
Note: You will be redirected to a secure encrypted website.
Thank you,
American Express
Your Card Member information is included in the upper-right corner to help you recognize this as a customer service e-mail from American Express. To learn more about e-mail security or report a suspicious e-mail, please visit us at americanexpress.com/phishing. We kindly ask you not to reply to this e-mail but instead contact us via customer service.”
Luckily, the website has been taken down but creating a new website is simple and most likely will be back online somewhere else very soon.
American Express also has a security center with information on phishing, phone phishing and even dumpster diving. Yes, dumpster diving. Always shred any personal information. Check it out at https://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html
Comments
