A fake email from American Express – what to do with suspicious emails

This morning, groggily staring at my computer, my brain not yet on, I was utterly shocked to receive an email from American Express stating that I had made a payment in the sum of $4,845.47 to American Express. My response was What? WHAT?! As I stared at the surprising email thinking when did I do that? Why did I do that?

Then my brain woke up and said, ah, but you don’t send any of your credit card information to your freedmanlpm.com address. Then my internal fraud alert starting beeping, my blood pressure returned to normal and I sighed with relief. Then, of course, I thought, ooooh, blog post.

Years ago, when I got fake emails from credit card companies or other businesses, the emails looked fake. Now they don’t. The scammers even did a good job of faking the email address from which the email originated, AmericanExpress@welcome.aexp.com.  Of course, that isn’t the address American Express uses, but still, a good effort. Then, when I hovered over the links at the bottom of the email, I saw addresses that didn’t even pretend to be related to American Express.  Actually, it seems to be for children’s clothing.

Now, there are a number of reasons for a fraudulent email. One is an effort to obtain credit card, passwords, or other similar information. Another though is to get people to click through to the site, resulting in payments to the site for ads. I think that is probably what is going on here. There could also be malware on the site that would install something to steal information from my computer.

Note how the con-artist actually included a phishing warning reminder in its email. Very clever. If you would like to see the complete email I have provided a pdf. No active links.

How can you tell a fake email?

There are a number of ways to tell if an email is fake.

1. Do you actually have the credit card in question
2. If you do have the credit card, do you use the email address at which you received the email with that card
3. Look at the from address, does it make sense? These can be spoofed, but they aren’t always.
4. Hover your mouse over any links. Do they match up with the originating company?
5. Test the links by putting through a security check. Directions here.


What to do?

1. Check the website for the actual credit card company, find its fraud department, and give it a call.
2. If you are really concerned, call the account department of the credit card company, explain the problem, and assure yourself that the bill or payment is fake.
3. The credit card company will want a copy of the email, send it along.
4.Be careful not to click on any of the links by accident. If you do, immediately shut your browser window and scan your computer for malware.
5. In this case I also sent an email to the website, because it is most likely unaware it is being used in a phishing/scam email. I warned it that someone might have infected its website with malware or have hacked its site in some way.


Hovering over a link shows where I would be directed if I clicked on it. Do not try to go to the website in question.



Subscribe to This Blog