Look out! The bad guys are sending a new, attention-grabbing phishing email and they’re targeting the customers of major credit card companies.
Here’s how it works: The email appears to come from one of two well-known credit card companies, either American Express or Chase. The email includes a list of credit card transactions, and you’re asked to confirm or deny whether the transactions are valid. If you click the “No, I do not recognize the transactions” link, you’re brought to a fake login page that looks very similar to the credit card company’s actual login page. Don’t fall for this trick! If you submit your login details, your information is immediately sent to the scammers and your account and your identity will be at risk.
Remember the following to help protect yourself from these types of scams:
- Do not trust the links in an email that you weren’t expecting.
- When you receive an email asking you to log in to an account or online service that you use, log in to your account through your browser–not through links in the email. This way, you can ensure you’re logging into the real website and not a phony look-alike.
- Do not reuse passwords. If you use the same password for multiple accounts and one gets hacked, they’re all at risk of being hacked.
Stop, Look, and Think. Don’t be fooled.
The KnowBe4 Security Team