I just got a very convincing scam email in my inbox and I wanted to give you a heads up and ask you to tell other people in your life that you think might fall for it to look at.
Here’s what it looks like. It’s what we call a phishing scam.
The email looks pretty darn real. My email claims to be from American Express (but it could be from any credit card or bank). It says that AmEx is adding 2-factor authentication and a security question to my account and that I have to confirm that information immediately or I will lose access to my account. Sounds scary right? Nobody wants to lose access to their account. And 2-factor authentication is actually a good thing to put in place. My main issue here is that I don’t have an American Express account. If you did, though. You might be tempted to click. Don’t. If you do, you’ll be taken to a page where you have to enter a CAPTCHA code. That helps make this look more authentic. I tested and you do have to enter the code twice. So nice touch for the scammers. Once you get in you’ll get an authentic page that asks you to enter your username and password. The only thing on the page that works are the fields for entering your account info. Once scammers have it, they can proceed to clean out your bank account or charge a bunch of stuff on your card.
Don’t fall for it. If you think there might be an issue with an account, open up a separate browser and go to your account to make the changes there. Or find the customer service number on a statement and call them.