American Express cardholders have been targeted by a scam campaign that impersonates the SafeKey security program.
A Massive American Express SafeKey Phishing Campaign Has Been Identified
American Express users are the latest targets of a massive phishing campaigns that use legitimate products and services. This time, the criminals are impersonating SafeKey, American Express’s own program that counters identity theft and phishing prevention. This is a legitimate program that is operated by the organisation.
The scam has been discovered by experts from Comodo Labs. The researchers explain how the scheme works.
A key condition is the fact that the criminal operators have managed to make the scam messages as authentic as possible. Email messages are sent to potential owners of American Express cards that include malicious links that collect their payment card information and other related personal information. The attackers use a SafeKey initial setup scam scheme to lure users into sending them the sensitive data.
The first scam instances were reported in March however a massive outbreak of emails has been reported to have occurred last week.
SafeKey is the 3-D Secure program that American Express operates. When the program is activated and configured by the user a two-step verification of the payment is initiated when compatible online stores are used. In essence when a payment is made the user must confirm the payment details by typing in a secure password on a gateway operated by American Express.
The phishing scam is organised in steps that look convincing just like the real SafeKey setup process.
- The first step opts for the victim’s USER ID and Password. Upon entering a combination, even a false one, the user is redirected to the next step.
- On the next window, the target is asked to enter his/her SafeKey password and personal information. This includes the date of birth, a security key, and a security question. This data can be used by the criminals to exploit other services and even steal identities from the victims.
- The next page asks the user to enter the payment card details. Upon completing the counterfeit process, the user is redirected to the legitimate American Express website.