Posted on 03/14/2014 3:29:18 PM PDT by Eva
I received this email today and immediately called American Express. They said that my account was in good standing and that they did not see any problem. They did not say whether they sent the email, but the woman said that she didn't see any problem with the account.
This is the email:
Dear American Express Member
Because of unusual number of invalid login attempts on you account, we had to believe that, there might be some security problems on you account.
So we have decided to put an extra verification process to ensure your identity and your account security.
Please download the attached file and continue to the verification process and ensure your account security.
If we do not receive the appropriate account verification within 48 hours, then we will assume this American Express account is fraudulent and will be suspended.
The purpose of this verification is to ensure that your American Express account has not been fraudulently used, and to combat the fraud from our community.
We appreciate your support and understanding and thank you for your prompt attention to this matter.
Sincerely,
American Express Customer Service
When you click on the verification symbol, you get a page that asks for all the personal information for the account. I started to fill it out and then I realized that it is probably a fraud. What do you think?
Obvious attempt to get you to click on something that will infect your PC.
A bank would never send you such garbage.
I’ve been with them 33 years. They would never send you such an email. It is fake and likely very dangerous is you download the attachment.
Sounds like a phishing scheme that tries to get you to click on the link in the email.
If/when I get anything from my bank or credit union or credit cards, etc., I never click on the link in the email. Instead, I click on the valid one in my bookmarks/favorites. That way, I know it is going to the right location.
Most companies say they do NOT contact you by email regarding a problem with your account.
Put me down for phish. Financial institutions don’t do business this way.
1. Good move calling them first. That is always the right answer.
2. Bad move opening the attachment, even if you didn’t finish filling in everything.
3. It is absolutely essential that you do a full scan for viruses, malware, etc., as soon as possible, using high-quality software. It is quite possible that you infected your computer even if you didn’t directly hand over the information they want.
Note: “high-quality” is a debatable adjective, but I imagine you can get high-quality opinions on what to use right here if you don’t already have McAfee, Kaspersky, or one of the other big-name versions.
I clicked on the link at the bottom of the page already, before I realized it was not legitimate. Now what do I do?
I used to get phishing emails from paypai.com.
In all caps, it looks legit — PAYPAI.COM — as the ‘I’ resembles an ‘L’ in some fonts.
Use your anti-virus software and do a full scan.
LOL. Let’s party!
I called in today and they said that there was no problem with my account. The reason that I was fooled at first is because I had been having trouble with account, trying to pay from my bank and not receiving the e-bills. I have been having so much trouble trying to pay bills on line. I got a notice from the bank that they had forgotten to pay one of my bills and that they would be responsible for the late charges and when I called the payee, they said that I had paid twice and didn’t owe anything this month.
I was almost a fool. There is no way to notify Google of the phishing attempt, though.
It is a PHISH, delete and let AMEX know about it.
Depending on how the page is written, it may have been uploading your keystrokes in real time.
That's how Google does its real-time suggestions as you type a query. Google has already seen what you've typed and generated a list of logical completions and results for what you've typed so far.
did it actually start installing something?
Most of the time when your mouse cursor hovers over the “link” they are telling you to click, down at the bottom of your browser page will be the actual web address it will take you to. It usually looks weird.
Google “cryptolocker”.
Very, very nasty.
That’s quite likely what’s lurking in that file.
Be especially wary of any file attachment with a .zip or .pdf in the file name.
Oh Eva! It is a most definitely a phising scam. But don’t beat yourself up over it, a lot of people fall for them otherwise the scammers would stop doing them. But take action now!
No credit card company will ever send you an email with an attachment to download or ask you via email to verify your personal information or account information. NEVER! But since you opened the email and clicked on the link and started filling out the form, run an anti-virus and anti-spyware scan on your computer - stat! If you don’t have any, let me know, I can point you toward some free scanners like AVG and Malwarebites.
Also contact Amex right now and I mean right now! Tell them you received a phishing email and started to respond to it before realizing what it was. Ask them to cancel your account number, put a hold on all transactions and reissue you a new card number – stat! Seriously. Do it now! Right now! Also ask the customer service rep to put you in touch with their fraud department. The fraud department may want you to forward the email to them but as soon as you do, delete it.
After running a good anti-virus and anti-spyware scan on your computer, change all your online account passwords. I would also contact my bank and ask for a new debit card with a new PIN number just to be safe.
Here is some good info on phishing scams and how to avoid them:
http://www.hoax-slayer.com/phisher-scams.html
Keep in mind that if there was suspected fraudulent transactions on your Amex card, they would have called you personally to verify them and not via an email. But they would never ask you to provide your password or PIN, security question answers or any other personal information save for perhaps your billing zip code and the last 4 digits of your account number or SSN for verification that they reached the correct person. But just to be safe, if you do get a call from someone saying that they are from your cc company or bank, it is better to tell the caller that you will call back then call the phone number on the back of your card or credit card statement.
My credit card company called me about a year ago to ask if a suspicious transaction was valid, it wasn’t. It was for some online sporting goods store in CA for $1 (credit card thieves will often try to put through a small $ amount to test before charging big $ items). My cc company didn’t need to ask me for my personal information as they already had it. But just to be safe, I asked for a reference number and immediately called them back on the phone on the back of my cc.
I also made some purchases at Target during the breach period. My cc company did send me an email alert with some general information about what I needed to do but it also instructed me to directly log on to my account for further instructions (and they also mailed me a letter), the email did not have a link to log on to; never click a link in an email, instead use your trusted book marked link.
I do all my banking and bill payments on line and I do get bill payment notifications via email but I never click on any links in those emails just to be safe.
Good luck and let us know how this turns out.
And do it RIGHT NOW!
No wway that’s legit. Terrible writing, sounds like non-English speaker or low education.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.