It usually starts with a simple email. The American Express logo looks familiar. The message feels official enough that you pause. It warns you that your account is temporarily limited, and you need to take action. In that moment of uncertainty, you might wonder if something really happened to your card.
That moment is exactly what scammers hope for. It is the space where doubt meets urgency, and where a well-designed phishing scam can slip through your defenses.
This article walks you through how the American Express “Your Account Is Temporarily Limited” scam works, why it feels so believable, and what you can do if you ever find yourself interacting with it.
Scam Overview
The American Express “Your Account Is Temporarily Limited” scam is one of the most convincing phishing schemes circulating today. Scammers use a simple formula: copy the look and tone of real Amex alerts, then add enough urgency to make you act before you have time to question anything.
The email usually arrives without warning. It is designed to create just enough alarm to make you think, “I should handle this quickly.” The scammers rely on real patterns of communication. American Express does send legitimate fraud alerts, which makes this fake version feel close enough to reality to be dangerous.
What the Scam Email Usually Looks Like
The message typically includes:
A subject line that sounds urgent
A warning that your account is limited or restricted
A claim that suspicious activity was detected
A request to verify your identity
A button that urges you to “Restore Access” or “Complete Verification”
The layout often mimics American Express branding with surprising accuracy. The colors, spacing, and logo placement look similar enough that many people do not question it.
Why the Scam Works So Well
This scam succeeds for several reasons:
It feels familiar. Many people have received genuine security alerts from credit card companies, so the message fits into an existing pattern.
It uses urgency to bypass rational thinking. When you believe your card may be compromised, your instinct is to act fast.
The fake website looks real. The scammers often copy American Express pages almost exactly.
The language sounds protective. Phrases like “This is for your security” or “We are protecting your account” make victims feel supported instead of threatened.
Volume. Scammers send emails to massive lists. Even if only a tiny percentage of people fall for it, the scam remains profitable.
The Emotional Trigger Behind the Scam
This kind of phishing works because it taps into your fear of losing access to something important. A credit card is part of daily life. If you think someone may have stolen your information or tried to use your account, you naturally want to respond quickly.
The scammers design their message to sit right in that emotional pocket. It only takes a moment of worry to click without checking the details closely.
How the Scam Works
Understanding each stage of the scam makes it easier to recognize the signs before you interact with anything suspicious. Below is a clear, step-by-step walkthrough of how this scam usually unfolds.
Step 1: The Email Arrives
The scam begins the moment the phishing email appears in your inbox. The subject line is crafted to get your attention fast. Examples include:
“Your Account Is Temporarily Limited”
“Unusual Activity Detected”
“Immediate Action Required”
The entire goal is to make you open the message without hesitation.
Step 2: The Language Builds Pressure
Once you click, the message uses calm but urgent wording. It may say:
“We temporarily restricted access to protect your account.”
“We noticed unusual behavior and need verification.”
“Your account privileges are currently limited.”
The tone feels official. It sounds like something a fraud team might send.
Step 3: The Fake Button Looks Trustworthy
Scammers often place a large button in the center of the email. It usually says something like:
“Verify Now”
“Restore Access”
“Fix Issue”
When you feel anxious about potential fraud, that button seems like the fastest solution.
Step 4: You’re Taken to a Fake Website
Clicking the button leads to a website designed to imitate the real American Express login page. The scammers copy:
The blue color palette
The spacing
The fonts
The logo placement
The layout
At a glance, it looks legitimate. The only real giveaway is the URL, which often contains strange numbers or unfamiliar domain names. But many victims are too focused on fixing the “problem” to notice.
Step 5: The Site Asks You to Log In
The fake login page prompts you to enter your username and password. As soon as you type them, scammers capture the information.
Some fake pages deliberately reject your first login attempt. This trick encourages you to enter the details again, which helps scammers confirm accuracy.
Step 6: The Verification Maze Begins
After logging in, the fake site usually asks for more information. These pages are labeled as “security steps” or “identity verification.” They often request:
Full card number
Expiration date
Security code
Billing address
Phone number
Date of birth
Social Security number
Each step feels routine. Victims believe they are completing a protective process.
Step 7: A Fake Confirmation Appears
Once the scammers collect everything they want, the fake site may display a reassuring message such as:
“Your account has been successfully restored.”
Sometimes victims are even redirected to the real American Express website, making the whole experience feel legitimate.
Step 8: The Scammers Act Quickly
With your information in hand, scammers may:
Log into your real Amex account
Make unauthorized purchases
Attempt to change account settings
Call customer service pretending to be you
Try to open new credit lines
Sell your information to other criminals
This stage moves fast. Many victims discover the issue only when charges appear or their card stops working.
Step 9: The Victim Realizes Something Is Wrong
Signs of trouble include:
Unexpected charges
Login issues
Account changes you didn’t make
Security alerts from American Express
New credit inquiries
The shock usually comes with a sinking realization: the email was never real.
How To Spot the American Express “Your Account Is Temporarily Limited” Scam
Scammers are skilled at making their messages look real, but there are always clues if you slow down and look closely. Once you know what to watch for, spotting this scam becomes much easier and far less stressful.
Check the Sender’s Email Address
The first giveaway is usually the sender’s address. Real American Express emails come from official domains. Scam messages often come from:
Strange, unfamiliar domains
Email addresses packed with numbers
Misspelled versions of the company name
Free email services like Gmail or Outlook
If the domain looks off in any way, the message is almost certainly fake.
Look for Urgent or Aggressive Language
Scammers rely on emotion. They want you to feel pressured, worried, or rushed. Look for wording such as:
“Immediate action required”
“Your account is at risk”
“We will suspend your account”
American Express does send alerts, but their tone is usually calm, measured, and not pushy.
Hover Over Links Without Clicking
Scammers hide malicious links behind legitimate-looking text. Hovering over a link (or long-pressing on mobile to preview the URL) often reveals:
Random numbers and letters
Misspelled brand names
Domains that do not match American Express
Unusual endings like .info or .site
If the link looks unusual, do not click it.
Inspect the Logo and Formatting
Some scam emails look almost perfect, while others still show subtle signs of sloppy design. Watch for:
Blurry or stretched logos
Odd spacing
Mismatched fonts
Large blocks of text with no structure
Strange capitalizations
Scammers try to copy the Amex design, but small visual mistakes usually slip through.
Notice Requests for Sensitive Information
American Express will never ask you to provide:
Full card numbers
CVV codes
Social Security numbers
Birth dates
Full billing information
If an email asks for any of these details, it is a scam.
Trust Your Instincts
If something feels off, pause. A legitimate message will still be there in an hour. Scammers depend on quick reactions. Slowing down is one of the strongest protections you have.
Common Variants of the American Express Account Limitation Scam
Scammers often recycle successful tactics and reshape them into new formats. The “Your Account Is Temporarily Limited” message is just one version. Here are the most common variations you might encounter.
Variant 1: “Suspicious Activity Detected”
This version claims that American Express noticed unusual charges. The message warns that your account may be compromised and urges you to verify recent activity.
It often includes:
A fake list of transactions
A button labeled “Review Activity”
A suggestion that your card is frozen until you respond
The emotional trigger here is fear of unauthorized spending.
Variant 2: “Your Card Has Been Locked”
This message claims your card is no longer usable. Scammers know that losing access creates instant anxiety. The email pushes you to “unlock” your card by entering personal information on a fake website.
Variant 3: “Billing Information Update Required”
In this approach, scammers pretend that your billing details are outdated. The tone feels administrative rather than urgent, which can catch people off guard.
The message often requests:
Updated address
Updated card number
New expiration date
If you enter anything, the scammers collect all of it.
Variant 4: Fake Text Messages
Not all scams come through email. Many victims receive SMS messages that look like standard fraud alerts. They often say:
“American Express Alert: Your account is restricted. Verify at [fake link].”
Text scams are dangerous because mobile screens make links harder to inspect.
Variant 5: Phone Call Scams Pretending to Be Amex
Some scammers call directly, pretending to be from the American Express fraud department. They may sound professional. They may even know your name.
The caller might claim:
A large charge was attempted
They need to “confirm your identity”
Your card will be closed unless you verify information
No real American Express employee will ask for your full card details over the phone.
Variant 6: Fake App or Browser Pop-Up Alerts
This version appears as a pop-up that imitates a notification from American Express. It might claim there is a login attempt or security issue and direct you to click a link.
It often appears after visiting unsafe websites.
Variant 7: PDF or Attachment Scams
The email arrives with an attached PDF that looks like a statement or security notice. When opened, it instructs you to log in through a link inside the document. This approach creates a sense of professionalism because PDFs feel official.
Variant 8: “Reward Points Suspended”
This version claims your Membership Rewards points were frozen due to suspicious activity. It invites you to “restore your points” by logging in. Because reward points feel safe and non-financial, many people drop their guard.
What To Do If You Fell Victim
If you interacted with the scam, stay calm. Recovery is possible, and American Express has strong fraud protections. Follow these steps right away.
1. Call American Express Immediately
Tell them your information may have been stolen. Ask them to freeze the account and check for unauthorized activity.
2. Change Your Password
Use the official American Express website or app. Create a new, strong password you have not used anywhere else.
3. Turn On Two-Factor Authentication
This adds an extra layer of security and makes it harder for scammers to access your account again.
4. Review Recent Transactions
Look for charges you do not recognize. Report anything suspicious so you are not held responsible.
5. Monitor Your Credit Reports
Check for new accounts or inquiries. This helps detect identity theft early.
6. Contact Your Bank If You Shared Card Details
If you entered card numbers, request replacements or additional safeguards.
7. Change Passwords on Other Accounts
If you reuse passwords anywhere, update them immediately before scammers try logging in elsewhere.
8. Scan Your Device
Use trusted antivirus or anti-malware software to check for suspicious activity.
9. Report the Scam
File a report with the FTC and notify American Express so they can track related incidents.
10. Save the Email for Documentation
Keep the message as evidence if fraud teams or investigators request it.
11. Stay Alert for Follow-Up Scams
Scammers sometimes target past victims again. Be cautious with unexpected emails or calls.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
The Bottom Line
The American Express “Your Account Is Temporarily Limited” scam succeeds because it looks real at a glance and arrives in moments when people are least prepared to question it. The more familiar you become with how it works, the easier it becomes to spot the warning signs before you click anything.
Whenever something feels urgent, take a moment to pause. Visit the official American Express website directly or call the number on the back of your card. A few seconds of caution can protect you from a long series of problems later.
FAQ: American Express “Your Account Is Temporarily Limited” Scam
What is the American Express “Your Account Is Temporarily Limited” scam?
This scam is a phishing scheme designed to trick you into believing American Express has restricted your account. Scammers send emails or text messages that look official, then direct you to a fake website where they collect your personal or financial information. Once you enter your details, attackers can attempt unauthorized charges, access your real account, or commit identity theft.
How can I tell if the email is fake?
There are several red flags to look for:
The sender’s email address looks strange or unfamiliar
The message urges immediate action or uses threatening language
The email contains typos or formatting issues
The link directs you to a suspicious domain
The message asks for sensitive information like your card number or Social Security number
If anything feels off, assume it is fraudulent until you confirm otherwise.
Does American Express ever send real security alerts?
Yes. American Express does send legitimate fraud notifications. However, they do not ask you to submit sensitive information through email links. They will never request your full card number, CVV code, Social Security number, or login details through a message. Real Amex alerts usually direct you to log in through the official website or app, not through a link in an email.
What should I do if I clicked the link?
If you clicked the link but did not enter any information, you are usually safe. However, you should still:
Clear your browser history
Run a quick malware scan
Watch for unusual emails or texts over the next few days
If you entered any login information, treat it as compromised and continue with formal recovery steps.
What if I entered my American Express login information?
If you entered your login details, take action immediately:
Change your American Express password.
Enable two-factor authentication.
Contact American Express to report potential fraud.
Monitor your account closely for unfamiliar activity.
Reacting quickly greatly reduces the risk of account takeover.
What if I entered my full card number or personal information?
If you provided your card number, CVV code, address, or other sensitive details, call American Express right away. They can cancel the compromised card, issue a replacement, and monitor suspicious transactions. If you entered highly sensitive data like your Social Security number, consider placing fraud alerts or credit freezes with major credit bureaus.
Are the links in these emails dangerous?
Yes. The links often lead to fake sites that capture your information. Some may also contain malicious scripts or attempt to install harmful software. Avoid clicking any link in an unexpected security alert. Go directly to the American Express website by typing the URL into your browser yourself.
Why do scammers target American Express customers?
American Express cardholders are attractive targets because the cards often have higher limits and better fraud protections. Scammers know that even a small number of successful attempts can be profitable. Because Amex communicates frequently with customers about security, scammers imitate this style to make the fraud appear familiar.
Can the scam come through text message?
Yes. SMS phishing, also called “smishing,” is becoming more common. The text usually includes a short message and a suspicious link claiming your account is locked or restricted. Mobile screens make it harder to spot fake URLs, which is why these messages can be particularly dangerous.
What does a fake American Express alert usually say?
Phishing messages often use lines such as:
“Your account has been temporarily limited.”
“Suspicious activity detected.”
“Your card has been locked for security reasons.”
“Verify your information to prevent account closure.”
The exact wording varies, but the message always aims to pressure you into responding quickly.
Why do scammers claim my account is limited?
It creates urgency. When people feel their financial access is threatened, they act fast. Scammers use this emotional reaction to override your usual caution. The phrase “temporarily limited” sounds serious but solvable, which encourages victims to click the provided link.
Is it safe to call the phone number in the email?
No. Scammers often include fake customer service numbers that lead to fraudulent call centers. Always use the official phone number on the back of your American Express card or the contact information listed on the real Amex website.
What should I do if I forwarded the scam to someone else?
Let them know immediately that the message is fraudulent. Encourage them not to click any links or share the email further. If they already interacted with the scam, guide them to the same steps you would follow for your own account safety.
Should I report the scam to American Express?
Yes. Forward the phishing email to spoof@americanexpress.com. Reporting the message helps American Express track active scam campaigns and warn other customers. If you received the scam via text message, take a screenshot and share the details with Amex support.
Can this scam affect people who do not have an American Express account?
Yes. Scammers send these messages in large batches to random email lists. Many victims do not even have an American Express card. The goal is quantity. If even one out of thousands falls for it, the scam is still profitable.
Should I delete the email after reporting it?
Yes. Once you have forwarded it to American Express or reported it to the appropriate channels, delete it to avoid accidentally clicking on anything later.
Could scammers call me pretending to be American Express?
Absolutely. Phone-based versions of the scam exist. The caller may claim to be from the fraud department and ask you to verify charges or confirm personal information. If you receive a call you did not expect, hang up, then dial the number on the back of your card instead.
How can I protect myself from this scam in the future?
A few simple habits go a long way:
Never click links in unexpected security alerts
Type the American Express website manually into your browser
Enable two-factor authentication
Keep your device updated
Monitor your accounts frequently
Be cautious with emails that create urgency
Awareness is one of the strongest defenses.
What browsers or devices are safest?
Any device can be targeted. What matters most are your habits. Using updated browsers, installing security patches, enabling password managers, and avoiding unknown links make you significantly safer across all devices.
Can I get my money back if scammers make charges?
American Express has strong fraud protections. In most cases, unauthorized charges are reversed once you report them promptly. The sooner you contact the company, the easier it is to resolve everything.
Why do scammers keep using this same tactic?
Because it works. Even with growing awareness, phishing remains one of the most effective cybercrimes. The combination of branding, urgency, and fear creates a perfect environment for quick mistakes. Scammers stick to methods that consistently yield results.
Is this scam dangerous even if I didn’t click anything?
If you did not interact with the scam, you are safe. The email alone does not compromise your information. Simply delete it and stay aware of similar messages in the future.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
