We all recognize email like this one as a phishing scam, right?
- No legitimate company is going to send a billing notice to a list of customers with all the customer’s email addresses visible to each other.
- Standard shock treatment. You’re supposed to react, “Oh, No! Someone charged over $1300 to my AmEx card to pay their phone bill!” Then click the link to let the scammers harvest your personal info. Don’t fall for the scam:
Click the image to see this scam full size. Note that the link doesn't go anywhere Verizon would want you to go. Nor where you should go.
- See this scam? Delete it.
- Not sure if a message like this one is a scam? Log in to your account at the alleged sender’s Web site and check your account.
- Fall for this scam? As soon as you can, contact the companies or institutions whose account information you provided to the scammers.
Superficially, this phish looks convincing. A lot of us shop at amazon.com using an American Express card. Oh, no! We’re in trouble! Only if any of us click any of the links in this message.
Look at this message for about 10 seconds and it becomes apparent that it’s just another rotten phish.
- Sent to a list of addresses. Real banks and credit card companies do not do that. They know that it’s a security breach to expose customers’ email addresses to other customers.
- Bad links: hover your mouse over either of the two links in the message body that allegedly go to an American Express site. As the screen shot below indicates, they will take you to an identity-harvesting site. Actually, three of the links in the footer will also take you to non American Express Web sites.
- Message content: Do not click any links in this email message. If you are an American Express customer, instead, in your web browser, go to the standard credit card site where you usually log in, log in there, and look for a secure message to you from your credit card company.
Even though this phish has the stolen logos and a serious looking footer, if you just pay attention for a few seconds, you’ll draw the proper conclusion: Just delete the message!
Click the image to see a larger version of this phish.
Study this message for a few seconds and you'll see it's another rotten phish. Delete it.