It’s Fishing and Phishing season again!!

By Christopher Mendla

June 18, 2007


Last Updated on January 27, 2020 by Christopher G Mendla

UPDATED Oct 2019 to remove old/bad links.  See our new article. 

I just got an official-looking email from Amex in my inbox. The problem was that it was sent to one of my emails that I don’t use for our Amex account (different domain entirely). Of course, we never click on email links but will go directly to the site.

The problem is that the phishing expeditions are getting more sophisticated. The links in this email were designed to look like actual Amex links:

To pay your bill online, click here.
(I’ve munged a couple of the components of the link to render it unusable, just in case..)

It appears that this is part of something called a replay attack.

I found some clues which explained part of the methodology.

One sure clue is that when you look in the email header, you see a return path of [email protected]. Yeah, I’m sure that’s how Amex would send out an email.

In short, the phishing techniques are getting a whole lot more sophisticated. You would have to analyze the hidden technical portions of an email to spot a fake, and even then you might miss the clues.
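The two clues described above (a return path on an unrelated domain, and links dressed up to look like the real site) can be checked mechanically. The Python below is an added example, not part of the original post; the message is constructed, and `mailer.example.net` and `billing.example.net` are placeholder hosts.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse
# Constructed sample message: every address and host below is a placeholder.
SAMPLE = (
    'Return-Path: <bounce@mailer.example.net>\n'
    'From: "American Express" <service@americanexpress.com>\n'
    'Content-Type: text/html; charset="utf-8"\n'
    '\n'
    '<p>To pay your bill online, '
    '<a href="http://americanexpress.com.billing.example.net/pay">click here</a>.</p>\n'
    '<p><a href="https://www.americanexpress.com/help">Help</a></p>\n'
)

class LinkCollector(HTMLParser):  # collects the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def domain_of(header_value):
    """Domain part of the address in a From or Return-Path header."""
    return parseaddr(str(header_value or ""))[1].rpartition("@")[2].lower()

def in_domain(host, domain):
    """True if host is the domain itself or a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return bool(domain) and (host == domain or host.endswith("." + domain))

def check_message(raw):
    """Return (kind, host) pairs that do not belong to the From domain."""
    msg = email.message_from_string(raw, policy=policy.default)
    claimed, bounce = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    findings = []
    if bounce and not in_domain(bounce, claimed):
        findings.append(("return-path", bounce))
    body = msg.get_body(preferencelist=("html",))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    for href in collector.hrefs:
        host = urlparse(href).hostname
        if host and not in_domain(host, claimed):
            findings.append(("link", host))
    return findings

print(check_message(SAMPLE))
```

The first link is flagged because a hostname is owned by whoever controls its rightmost labels, so a familiar brand name at the left end proves nothing. Legitimate mail sent through a third-party mailing service can also carry a return path on another domain, so treat these findings as hints to go to the site directly, not as proof either way.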

So, when you get an email allegedly from your financial institution (or anything else that is important, such as your eBay or Amazon account):

  • DON’T TRUST IT. Do NOT click on any of the links and log in directly from the email.
  • If you feel you need to check things out, open up your browser and go directly to the site by using your favorites (assuming you linked to the real site originally) or by typing the site address into the address bar, e.g. www.americanexpress.com. DO NOT copy and paste links.
  • Make sure the rest of your family is aware of phishing attempts and how to handle incoming emails.
  • Again, be paranoid. Identity theft is a royal mess. This is a time for tinfoil hats!!

Christopher Mendla
