#Privacy: New phishing campaign imitates Amex, Chase fraud protection emails

Threat actors are now sending fake Amex and Chase fraud protection emails asking recipients to confirm if particular credit card transactions are legitimate. 

Discovered by researchers at MalwareHunterTeam, threat actors are sending fake Chase and Amex fraud protection emails stating that “some unusual activity” has been identified on either their American Express card or Chase card. 

The listed transactions include charges from Best Buy and TOP UP B.V., all of which are fake. Subsequently, someone who receives this email will assume that their card has been stolen and will click on the “No, I don’t recognise one or more of these transactions,” button. 

Upon clicking the button, the victim will be redirected to a fake Chase or Amex login site where they are asked to enter their login credentials, address, date of birth, Social Security number, bank card and credit card information.

The entered information is then transmitted to a server belonging to the threat actor. 

“While there are some suspicious formatting on the phishing emails, for the most part, they do a very convincing job. Due to this, a person may click on the email’s links as they are scared someone is fraudulently using their card,” wrote BleepingComputer. 

To detect if an email is legitimate, make sure to see if there are any grammatical errors, misaligned buttons, strange URLs, awkward use of language or even strange bolded text. 

In addition, call the card merchant directly if you have any suspicions. 


Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.