Modus Operandi These phishing email scams have subjects such as’ CardMember Account Notice, ‘ ‘ Reminder-We have issued a security concern (Action required)’ and ‘ REMINDER: a concern that requires your action.’ The email message states that we encountered errors during the report analysis and therefore we mandate you to confirm your records with us via the attached secure fillable web form.

— INSINIA SECURITY (@insiniasec) December 29, 2018 The attached fillable form asks for details such as user credentials, card number, security code, expiry date, mother’s name, mother’s date of birth, year of birth, first elementary school name and security pin. Then it encourages the victims to create new login credentials. An example of the phishing email that Myonlinesecurity observes is shown below. “ Primary Cardmember Message “Once the victims submit the form with their personal details, the information collected is sent to the scammers. The users are then redirected to the legitimate americanexpress.com page, which states “Thank you for your feedback.” Note that these emails are sent from mail domains based on the keyword ” American Express, ” such as AmExpress@amnex[.]com, AmericanExpress@aemail[.]com and AmericanExpress@ampress[.]com, respectively. In view of this, we mandate that you confirm your on-file records with us. You are to A safe attached fillable Web form is sent with this message. *See attached form, download and open to continue. Thank you for your continued card membership, American Express Customer Service”

How to keep such scams safe?

All internet users should be aware of these phishing scams and follow certain standard security practices to protect their online accounts. It should be remembered that companies’ in particular financial organizations do not request personal information by email or by telephone. If you receive any such email containing links to sites and requesting your personal information, it may be a scam, so you are advised to contact the organization to confirm the email.