• Home
  • Domains
  • Internet & Tech
  • Security & Privacy
  • Google & Search
  • Editorial Praise
  • Contact

Strategic Revenue - Domain and Internet News

Internet news authored by John Colascione

Register Domain Names

  • Isn’t Print Dead?
  • Killer Acquisition
  • New gTLD Death
  • Online Censorship
  • Gullible Domainers
  • You’re A Loser
You are here: Home / Privacy Issues / This AMEX Email Phishing Scam Wants You Homeless & Poor, With A Zero FICO Score

This AMEX Email Phishing Scam Wants You Homeless & Poor, With A Zero FICO Score

December 17, 2019 By John Colascione Leave a Comment

*** Here Is A List Of Some Of The Best Domain Name Resources Available ***

Register Domain Names

PALM BEACH, FL – Nothing could better destroy your holiday spirit than a compromise of your most secure personal information in the form of a phishing expedition. Here is one of the latest email scams circulating what is probably hundreds of thousands of inboxes, just in time for Christmas.

Here is how it all plays out: You receive an email which appears to be from American Express, but it isn’t, it’s from some scrupulous hacker hiding somewhere behind a computer who is looking to steal your identity.

Fake American Express Email (Classic Email Phishing Attempt)

A fake email which looks to be sent from American Express. Red flag #1 – it is addressing the recipient as “Customer” and not by name. It also doesn’t include any account information whatsoever.

Hovering Over the Fake Button

After clicking on the button in the fake email, users are sent to a fake website which is designed to look identical to an authentic American Express website. A link shortening service called “Bitly” is being used to hide the long fraudulent looking site address which will be visited.

Hovering over the blue “Confirm Your Identity” button reveals a link shortening service being used to hide the true location which will be visited.

A Better Look at the Sender (Fake)

A special character in Unicode or Latin is being used, likely to bypass spam filters which are already configured to look for mail identified as coming from American Express, but are not sent by an authentic domain. The email is actually being sent from a server controlled by the domain name “ Reagan.com” which was probably compromised specifically for the purpose of sending these emails. The server will likely be used until the compromise is discovered and then this criminal will move on to the next hacked server victim. Nothing in the ‘to’ field indicates the ‘BCC’ field was likely used.

American Express Email (Real)

What a genuine email from American Express looks like. As you can see, the fake email template is using a confusingly similar look and feel (design).

It is both increasingly and incredibly important to examine very closely any emails received which suggest you login anywhere or enter in any personally identifiable information, especially any financial accounts yet anything that stores any of your personal information can be used to compromise your safety and security.

AMEX Button Link (Real Email)

The real AMEX email brings you to an authentic “AmericanExpress.com” domain name. If you have’t already, you should get into the habit of looking at your browsers task bar and hover over links to see where you will wind up when clicking on a link, but be careful, these too can be spoofed if the hacker is very educated on JavaScript.

A Better Look at the Sender (Real Email)

Hovering over the tab will show that this email has been sent from welcome.aexp.com, an authentic American Express domain name. It is also marked by Google’s Gmail as ‘important’ as it has been sent directly to me.

Clicking on the tab on the top left lets you see a little more about the sender of the email and who exactly it was sent to. The above feature is shown in Gmail, but most if not all email clients have a similar feature.

The Sneaky Redirect (Linked from the Fake Button)

The short cleaner looking link uses what is called a “301” server side redirect which, as soon as it loads, just sends (or redirects) people to a different web address. Many people do not even notice the redirect take place. Ordinarily, these redirects are helpful to web site owners who change their web address to help visitors find the correct location; here it is being used for trickery.

This is a server header checker tool which shows that when the Bitly link is loaded it immediately redirects to a website at the address DiamondSettingsNYC.com, which is probably hacked and its owner may not even know there is a file (vars.php) placed in the sites root file area for the single purpose of redirecting users.

The Fake Website (Here Is Where They Really Do The Damage)

This is the fake website which is about to steal your username and password for your real account. Take notice on the top of the address bar there is a unlocked icon letting you know that this is not a secure domain name and doesn’t have an SSL (Secure Socket Layer) connection; a huge red flag. American Express would never operate on an insecure site.
This little ‘unlocked’ icon tells you this site is NOT secure (not providing a secure connection). This is what the insecure icon looks like in Firefox.
In Google Chrome the words “Not Secure” appear to the left without the unlocked icon. It doesn’t always appear in red so you should take note of this.

Second Page To Steal More Of Your Information

This is the first time I’ve seen a second page to acquire more information. Usually after the username and password is obtained, the site will just redirect to the real login page making the person think they typed their credentials incorrectly, but this hacker wants as much information as they can get and I guess they figure, good chance if you’ve gotten this far, there is more to be stolen in this single sitting.

Third Page To Steal, Even More!

Geez, these hackers really aren’t playing around; they want a treasure trove of information so they can sell it off for years to come; probably the victims entire lifetime. They are asking for the PIN#, mothers birthday, place of birth, and the name of some unlucky persons first elementary school.

The End of this Compromising Run-a-Round Scheme

This is your final destination. You have now been completely raped of just about as much personal information as necessary to make your life a living hell and potentially cause horrendous damage to your credit and FICO score. Hopefully you already have a house and car and everything you need.

This is where you end up if you are truly unlucky enough to have completed this entire process. You have only left to now login and see all of your ordinary information while some criminal is off to the dark-net web to distribute and sell your most secure personal information.

Other Scams to Look-Out For

  • FedEx Email Phishing Scam Attempt: Not That Clear What Actual Motive Is
  • Email Phishing Campaign Using Legitimate Top-Level Domain to Evade Spam Filters
  • Phishing: Watch-out for New Dangerous Godaddy Email Phishing Attempt
  • Weak Attempt at Phishing Network Solutions Account Holders
  • Verizon Wireless Phishing Email: Scams & How to Avoid Them (Part 2)
  • Just Some Fun With an Online Classifieds Scammer from Craigslist, That’s All
  • Fake Verizon Wireless Email: Email Scams & How To Avoid Them

What do I do if I receive a phishing email claiming to come from American Express?

Be sure to follow this site to stay up to date with some of the latest security and privacy issues. I don’t always have the time to detail them as much as I would like, but when I can, I’ll certainly keep you in the loop of what to look out for, this way you don’t wind up homeless and poor, with a zero FICO score. Subscribe to these headlines.

PLEASE NOTE: THE IMAGE OF EMAILS LABELED (FAKE) WERE NOT SENT FROM AMERICAN EXPRESS®. IF YOU RECEIVE IT, IT’S A FAKE. IT IS BEING USED AS AN EXAMPLE OF AN ACTUAL “PHISHING” EMAIL I RECEIVED. THIS IS HERE TO HELP OTHERS AVOID SIMILAR FAKE EMAILS AS WELL AS TO ILLUSTRATE HOW THESE PHISHING SCAMS WORK IN DETAIL.

John Colascione 2024
John Colascione

About The Author: John Colascione is Chief Executive Officer of Internet Marketing Services Inc. He specializes in Website Monetization, is a Google AdWords Certified Professional, authored a ‘how to’ book called ”Mastering Your Website‘, and is a key player in several Internet related businesses through his search engine strategy brand Searchen Networks®

Filed Under: Privacy Issues, Security Issues Tagged With: 301, 301 Redirect, 301 Redirects, Account, Accounts, Address, aexp.com, American Express, AMEX, Authentic, Authenticity, Birthdate, Bitly, Compromise, Compromised, Credentials, Criminal, Customer, Customer Data, Dark Web, Darknet, Data, Data Breach, Data Breaches, Data Privacy, Data Protection, Data Security, Date of Birth, Domain, Domain Name, Email Address, Email Addresses, Email Phishing, Email Scams, Fake, Fake Website, Fake Websites, FICO Score, Fraudulent, Hacked, Insecure, Internet Addresses, Latin, Link Shortening, Login Credentials, Non-secure, Password, Passwords, Personal Data, Personal Information, Phishing, Phishing Scam, Phishing Scams, Phishing Sites, PIN, Recipient, Red Flag, Scam, Scammers, Scams, Scheme, Secure, Sender, Server, Servers, SSL, SSL Certificate, SSLs, Template, Unicode, Username, Usernames, Web Address, Web Addresses, Website Address

*** Here Is A List Of Some Of The Best Domain Name Resources Available ***

Register Domain Names

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Search This Site

by: John Colascione

John Colascione

Best Site for Things to Do While Visiting Florida
John Colascione is Chief Executive of Internet Marketing Services Inc. He specializes in Website Monetization, authored a book called Mastering Your Website, and is a key player in several Internet businesses through his brand SEARCHEN®

#Indiana.com

GEO domain name

Follow Me

John Colascione Twitter

USED CARS ENTERPRISE

auto buyers market
Auto Buyers Market – Shop Used Cars by Participating Dealers at autobuyersmarket.com

In The News

  • DNJournal: New Book From Veteran Domainer
  • From Brandable to Exact-Match Geo Domain
  • InnovateLI: Two Deals, One Very Interesting Digital
  • Internet Commerce Association: John Colascione
  • NamesCon: Featured Attendee: John Colascione
  • Long Island Media Inc, SmartCEO, Future 50
  • Speakers, Name Summit, John Colascione
  • Speakers, Real Estate Summit, John Colascione
  • 24 Leading Domain Experts Analyze 2017

Popular Stories

New gTLD? Not So Fast; History Suggests New ‘Right of the Dots’ Could = Total Failure

Could Domain Investing Industry End with Legal Provision for Domain “Hoarding”

Websites and Domain Names to Become Insignificant within 20 Years or Less

Does the Domain Industry Suffer From Own Versions of Trumpted “Fake News” Stories?

List of 300+ Cryptocurrency Domain Name Sales and Sale Prices [All Time] (NameBio)

Quotes to Follow

quote icon The domain name is equivalent to Gold. It is the only packaged item which is globally tax-free, portable, with value that is universal across different cultures. quote icon – Frank Schilling

quote icon Domains have and will continue to go up in value faster than any other commodity ever known to man. quote icon – Rick Schwartz

quote icon  Google knows you, your friends, your likes, what entertains you, where you are in the world at any given time. Google will soon predict your next action, your next thought, based on a collaboration of thoughts past. quote icon – John Colascione

Like These Headlines?

Enter your email address:

Delivered by FeedBurner

T.L.D. Brokerage

Domain Brokers

Books on Domain Names

  • Books on Domain Names
  • Best Biz Cash Back Credit Card (5%)

2025 Digital Real Estate Surge: High-Value Domains Prove Worth With More Big Sales

WEST PALM BEACH, FL - The domain industry is experiencing a surge in high-value transactions, as highlighted in DN Journal's latest report titled "Sizzling Domain Sales Continue to Light Up The Charts … [Read More...]

Google’s Search Market Share Dips Below 90% for First Time in Decade

MOUNTAIN VIEW, CA - Google's global search engine market share fell below 90% in the final quarter of 2024, marking the first time since 2015 that it has dipped under this threshold. Regional … [Read More...]

Near Identical Domain Used To Scam Over $800,000 With Wire For Real Estate Deal

AUSTRALIA - A South Australian woman narrowly avoided a complete financial disaster after falling victim to a sophisticated business email compromise (BEC) scam that led to the loss of over $800,000. … [Read More...]

Domaining blog recommended by Domaining.com

Copyright © 2010-2025 StrategicRevenue.com - Property of Internet Marketing Services Inc.   FeedBurner: RSS
By using this site you agree to our Terms of Service and Privacy Policy. If you do not agree, please exit the service.