The emails, titled “Thanks for Updating Your Email,” have been carefully crafted to closely resemble legitimate emails and carry the American Express logo and color scheme. All of the links inside the email – including those in the footer – point to a third-party website rigged with malicious code that will attempt to install malware on the user’s machine when the page is visited.
Here is one of the emails intercepted by the Better Business Bureau:
Thanks for updating your email address
Thanks for updating your e-mail address with us.
We changed your e-mail address in our files to [EMAIL]. If this is correct, you can disregard this e-mail. If the new e-mail address is not correct or you did not request this change, please CLICK HERE, or log in to online.americanexpress.com.
Thank you for your Cardmembership.
American Express Customer Service
Contact Customer Service | View Our Privacy Statement | Add Us to Your Address Book
Your Cardmember information is included in the upper-right corner to help you recognize this as a customer server e-mail from American Express. To learn more about e-mail security or report a suspicious e-mail, please visit us at americanexpress.com/phishing. We kindly ask you not to reply to this e-mail but instead contact us securely via the customer service link above.
Copyright 2012 American Express Company. All rights reserved.
If you receive this email, it is advised that you:
- Do not reply to the email and avoid clicking on any of the embedded links.
- Forward the email to email@example.com
- Delete the email.
As a side note, it is always best to type the URL of the website that you wish to visit directly into your browser address bar instead of clicking on the links provided within emails. This will minimize your chances of falling for a phishing scheme or malware trap.