
AMEX phishing scam uses encryption to lull users into ‘false sense of security’

27 Jan 2017

A new fake AMEX phishing attack lulls users into a false sense of security: it uses a website that mirrors the real one and has an SSL certificate, says security company MailGuard.

The attack starts with a phishing email that states ‘suspicious activity’ has been detected on the victim’s credit card, and that corrective action must be taken.

To make it seem more convincing, the email says the card was recently used in Texas to purchase items. For security, the charges may be declined and the victim must click a link to ‘safeguard’ their account.

That link, MailGuard says, leads to a convincing American Express website that mirrors the real one, but the domain is different: onlinebanking-americanexpress.com.

The site also has an SSL certificate, which many criminals obtain from a free SSL certificate provider.

The certificate makes the site seem secure, but all it means is that the information sent over the fake website is encrypted. Fooled users enter their details, which are then stolen, and are then taken to the real AMEX website.

MailGuard uncovered the email this week, and so far none of the 68 popular antivirus vendors were detecting the suspicious links.

MailGuard recommends users watch out for phishing scams by:

  • Checking the sender’s email address and comparing it to the real organisation’s website address
  • If the sender’s email is different or is sent from a free web address, it is most likely a phishing attempt
  • Checking if the greeting includes your name or is a generic greeting such as “dear customer”
  • Checking if the requested account action is “urgent” or your account will be suspended or closed
  • If the email asks for personal information such as username, password, bank details or other sensitive information, it is most likely a phishing attempt.
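
The checks above, together with the lookalike-domain comparison described earlier, can be applied mechanically to a message. The following Python sketch is an added example, not MailGuard's code; the official domain, the free-webmail list, the keyword patterns and the sample message (including its sender address) are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

OFFICIAL = "americanexpress.com"   # assumption: the organisation's real domain
BRAND = "americanexpress"          # brand token to look for in link hostnames
FREE_MAIL = {"gmail.com", "outlook.com", "yahoo.com"}  # illustrative, not exhaustive

def on_domain(host, domain):
    # True only if host is the domain itself or a subdomain of it.
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def phishing_indicators(raw):
    msg = message_from_string(raw)
    body = msg.get_payload()  # assumes a single-part plain-text message
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    found = []
    if not on_domain(sender_host, OFFICIAL):
        found.append("sender-domain-mismatch")
    if sender_host in FREE_MAIL:
        found.append("free-webmail-sender")
    if re.search(r"\bdear (customer|card ?member|user)\b", body, re.I):
        found.append("generic-greeting")
    if re.search(r"\b(urgent|immediately|suspended|closed|declined)\b", body, re.I):
        found.append("urgency")
    if re.search(r"\b(password|username|card number|bank details)\b", body, re.I):
        found.append("asks-for-credentials")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        # HTTPS is deliberately not a trust signal: only the hostname is compared.
        if BRAND in host.replace("-", "") and not on_domain(host, OFFICIAL):
            found.append("lookalike-link:" + host)
    return found

# Constructed sample modelled on the email described in the article.
SAMPLE = """\
From: "American Express" <alerts@gmail.com>
Subject: Suspicious activity detected

Dear Customer,
Your card was recently used in Texas. Charges may be declined.
Confirm your username and password to safeguard your account:
https://onlinebanking-americanexpress.com/login
"""

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE))
```

The link is flagged because the hostname contains the brand name without being the official domain or a subdomain of it; the `https://` scheme plays no part in the decision.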