In a rather ironic twist on traditional phishing attacks, customers of American Express are being targeted by a campaign promising them an identity theft and phishing prevention tool.
The phishing emails offer SafeKey use as bait. This is a legitimate program that Amex offers its customers as an additional layer of security to guard against ID theft and phishing.
The scam uncovered by Comodo Labs plays on deep-seated identity theft concerns to actually perpetrate large scale identity theft. The hackers have taken a great deal of care in the design of the messages employed to make them look, feel and seem as legitimate as possible, using authentic looking logos, fonts and color schemes, and going deep into URL addresses.
Clicking the link in the mail directs customers to a fake website that collects the customer’s Amex info along with other juicy personal data — name, social security number, date of birth, mother’s maiden name and her date of birth, a security key, and even a security question.
The Amex SafeKey scam was first discovered in March this year and has flared up again over the summer and most recently last week. Comodo Labs discovered the most recent outbreak of the scam via specific IP and URL analysis as well as by monitoring the data from Comodo’s Antispam Gateway solutions.
You can find out more details of the scam and how it’s perpetrated in Comodo’s online Defend magazine.