American Express

4th August 2015 | By admin

Mail’s Content

Date: Thu, 30 Jul 2015 04:07:52
From: “American Express”<Service@americanx.press.com>
Reply To: “American Express”<Service@americanx.press.com>
Subject: Important Information !

American Express

Dear Customer

American Express Accounts service is having a problem and in order
to protect our customer(s), we need you to re-authenticate your account.

Please download the document attached to your email and login to proceed.

Thank You.

© 2015 American Express Company. All rights reserved.

The document attached to this email is best viewed on Firefox and Google Chrome.

Attachment
This phising email includes a attachment which is a html file. Upon opening the html file in an internet browser it opens a page which is replicated version of American Express’s website. This page asks the victim’s credit card information and steals them.

American Express
Overall Analysis

This is a phishing mail that targets the users of American Express Credit Cards. The mail tells the victim to download an attachment and re-authenticate their account. When the user downloads the attachment and fills the form it sends the victim’s information to the attackers. The information collected from the victim is sent to a php service located at http://komaebible.com/wp/wp-content/languages/themes/rev.php.

Be part of an IT community with thousands of subscribers. Get the latest news, blogs, and thought leadership articles. Subscribe now
Loading