Beware of “American Express Account Has Been Locked” Scam

Over the past few months, a dangerous phishing scam has emerged targeting American Express cardholders. This phishing email falsely claims that the recipient’s American Express account has been locked due to a failed cardless payment.

The scam aims to trick recipients into handing over their account login credentials, exposing sensitive financial information to cybercriminals. This article will provide an in-depth overview of how the “American Express Account Has Been Locked” phishing scam operates, as well as tips for spotting and avoiding it.

Overview of the Scam

The phishing email pretends to be an urgent notice from American Express stating that the recipient’s account has been locked as a security measure after a recent cardless payment was declined.

It claims that the account has been blocked and that the recipient must verify their account ownership to unlock it. The email includes an attached HTML file disguised as a sign-in page for American Express accounts.

If the recipient attempts to sign in through this phishing page, their login credentials will be captured by scammers who can then access the victim’s account to make fraudulent transactions.

How the Scam Works

The phishing email arrives with the subject line “Action Required: Your account has been locked” to instill a sense of urgency in the recipient. The sender name is spoofed to appear as if the email comes from American Express.

The email body states that a recent cardless purchase by the recipient was declined and subsequently their American Express account has been temporarily locked as a security precaution.

It goes on to provide instructions for unlocking the account – asking the recipient to download a secure attachment and verify account ownership.

However, the attachment “Account_SecurePayment_Message.html” is not actually a secure sign-in page but rather a phishing page designed to steal account credentials.

Any information entered into this phishing page gets recorded and sent directly to scammers. The phishing site is carefully designed to replicate the look and feel of the real American Express login page to fool recipients.

After capturing the victim’s username and password through the phishing page, scammers can access the account to make unauthorized transactions, steal rewards points, view personal information, and more.

How to Spot This Scam

While this phishing scam is sophisticated, there are a few indicators that can help identify and avoid falling victim to it:

  • Generic greeting – Real emails from American Express greet recipients by name, not with a generic greeting like “Dear Card Member”.
  • Spoofed sender address – The sender email address is spoofed to appear like an official American Express address, but may have inconsistencies upon closer inspection.
  • Sense of urgency – Creating a false sense of urgency to panic recipients into clicking on links/attachments without scrutiny is a common phishing tactic.
  • Request for sensitive information – American Express will never ask for account passwords, PINs, or other sensitive information over email. Any email making such requests is a red flag.
  • Threat of account suspension – While American Express may send account notices, they will not threaten immediate account suspension without allowing you to directly contact them.
  • Spelling/grammar errors – The email body may contain spelling, grammar or formatting inconsistencies uncharacteristic of a large corporation.
  • Attachment – American Express will never send account updates as an attachment. Anything requiring download should be treated with suspicion.
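To show how the indicators above can be checked mechanically, here is an added Python triage script (example code, not from the original article) run over a constructed sample message modelled on this scam; the lookalike sender domain and the list of legitimate American Express sender domains are assumptions.

```python
import email
from email import policy

# Constructed sample modelled on the scam described above; the domain is a placeholder.
SAMPLE_EML = b"""From: "American Express" <alerts@lookalike-domain.invalid>
Subject: Action Required: Your account has been locked
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Dear Card Member,
Your recent cardless payment was declined and your account has been locked.
--b1
Content-Type: text/html; name="Account_SecurePayment_Message.html"
Content-Disposition: attachment; filename="Account_SecurePayment_Message.html"

<html><body><form>fake sign-in form</form></body></html>
--b1--
"""

GENERIC_GREETINGS = ("dear card member", "dear customer", "dear valued customer")
URGENCY_WORDS = ("action required", "locked", "suspended", "immediately")
BRAND_DOMAINS = ("americanexpress.com", "aexp.com")  # assumed legitimate sender domains

def triage(raw: bytes) -> list[str]:
    """Return the phishing indicators found in a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    # Indicator: display name claims the brand, but the address domain is not the brand's.
    sender = str(msg.get("From", ""))
    domain = sender.lower().split("<")[-1].rstrip(">").rsplit("@", 1)[-1]
    if "american express" in sender.lower() and not any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS):
        findings.append(f"spoofed sender: brand name with domain {domain}")
    # Indicator: urgency or account-lock language in the subject line.
    subject = str(msg.get("Subject", "")).lower()
    if any(w in subject for w in URGENCY_WORDS):
        findings.append(f"urgent subject: {subject!r}")
    # Indicator: generic greeting instead of the cardholder's name.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    first_line = next((ln.strip().lower() for ln in text.splitlines() if ln.strip()), "")
    if first_line.startswith(GENERIC_GREETINGS):
        findings.append(f"generic greeting: {first_line!r}")
    # Indicator: an HTML "sign-in page" delivered as an attachment.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith((".html", ".htm")):
            findings.append(f"html attachment: {name}")
    return findings
```

Running `triage(SAMPLE_EML)` reports all four indicators for the sample; a plain message with a named greeting, a neutral subject and no attachment returns an empty list.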

What to Do if You Receive This Email

If this suspicious email lands in your inbox, take the following steps:

  • Do not click any links or download attachments within the email. The attachment is a credential-stealing phishing page disguised as a login page.
  • Forward the scam email to American Express's phishing reporting address, phishing@aexp.com. Alerting companies about new phishing scams helps them warn other customers.
  • Report the email as spam/phishing to your email service provider. This helps improve spam filters.
  • Do not reply to the email or contact any numbers/addresses within the scam content.
  • Log in safely to your American Express account through the real website to review any notifications or irregularities.
  • Change your account password as a precaution if you engaged with the phishing email in any way.
  • Monitor your account activity closely over the next few weeks for any signs of unauthorized transactions.

What to Do if You Suspect Your Account is Compromised

If you mistakenly clicked, downloaded or entered information into the phishing page, your American Express account may be compromised. Take these steps immediately:

  • Contact American Express – Call the 24/7 customer service line and report unauthorized access to your account. They can lock the account, issue new cards/numbers and reverse fraudulent charges.
  • Reset online account password – Log in via the real American Express site and change your password/security questions to prevent further access.
  • Review transactions – Closely monitor your account activity for fraudulent charges and report unauthorized transactions right away.
  • Cancel/replace cards – Ask American Express to cancel existing cards and issue replacements to safeguard your account from misuse.
  • Alert credit bureaus – Contact Equifax, Experian and TransUnion to place fraud alerts on your name and SSN if data is compromised.
  • Update information – If personal/contact information has been stolen, update details with American Express and other financial institutions.
  • Run an antivirus scan – If you suspect your device is infected with malware, you should run a scan with Malwarebytes Anti-Malware.

By taking swift action, you can contain the damage from phishing scams. But prevention is most effective, so be vigilant about spotting and avoiding such scams.

Frequently Asked Questions

Is this phishing email really from American Express?

No, this scam email only pretends to be from American Express by spoofing the sender address. The content is fabricated with the intent of stealing personal and financial information. American Express warns customers that they never send such phishing emails.

Are phishing scams like this common?

Unfortunately, phishing scams impersonating major financial companies have become very common. Scammers exploit brand names like American Express to target unsuspecting customers. It is important to be able to identify telltale signs of phishing attempts.

Can I tell if an email is phishing just by looking?

While scammers are sophisticated, phishing emails often show signs such as grammatical errors, an urgent or threatening tone, spoofed addresses and questionable attachments. Verifying the sender address and not clicking links or downloading attachments can help you avoid becoming a victim.

What happens if I entered my American Express details into the phishing page?

If you downloaded the attached HTML file and entered your account username/password into it, that sensitive information is captured by scammers. Contact American Express immediately to report the account breach. Reset your login credentials to restrict access. Closely monitor your account and transactions until the issue is resolved.

Could the scammers make unauthorized transactions from my account?

Yes, phishing aims to steal login credentials to either sell them online or drain money directly from compromised accounts. If scammers gain access to your American Express account, they could improperly use it for their own transactions, purchases or transfers. Report and reverse any unauthorized activity.

The Bottom Line

Phishing emails like the “American Express Account Has Been Locked” scam can appear quite convincing through sophisticated spoofing and social engineering tactics. But with vigilance, these scams can be identified and thwarted before any damage is done.

Being aware of the common signs – urgent threats, spoofed addresses, suspicious attachments and requests for sensitive data – makes one far less likely to become a phishing victim. If you receive such a dubious email, avoid engaging and report it to the relevant companies immediately.

Staying informed about the latest phishing techniques and treating emails carefully will help keep your finances and identity secure. Handing over personal information to scammers gives them the power to exploit hard-working consumers. But a little caution goes a long way in protecting against that.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    A top goal of cybercriminals is to trick you into downloading malware: programs or apps that carry malicious code or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.