Tuesday, July 3, 2018

Important Notice!!! ( American Express Phishing )


This is an automated email, please do not reply

Important Update

We noticed there's a problem associated with your account due to breakdwon in security.
For protection, Require you to update it immediately so as to have your account restored.
Kindly use the link below to sign in and restore your account.
Click Here To Update

Regards,
American Express Company

© All users of our online services subject to Privacy Statement and agree to be bound by Terms of Service. Please review. © 2018 American Express Company. All rights reserved.

Email analysis :

NOTE : safeguards@mt.com
NOTE : client-ip=68.99.120.44;


Phishing analysis :

CLICK : Click Here To Update
OPEN : http://www.getsmartcenter.com/wp-admin/bless.htm


RESULT : Phishing was removed

Thursday, June 30, 2016

Account Alert: Personal Safe Key (PSK)

American Express Personal Safe Key (PSK)

Please create your Personal Security Key. Personal Safe Key (PSK) is one of several authentication measures we utilize to ensure we are conducting business with you, and only you, when you contact us for assistance. American Express uses 128-bit Secure Sockets Layer (SSL) technology. This means that when you are on our secured website the data transferred between American Express and you is encrypted and cannot be viewed by any other party. to create your PSK (Personal Safe Key).
Note: You will be redirected to a secure encrypted website. The contained message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. Sincerely, American Express Customer Service.

Create your PSK

Kind regards,
Dave Barry

American Express. All rights reserved.

Screenshot of the email :


Email analysis :

NOTE : AmericanExpress@welcome.aexp.com
NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < americanexpress@welcome.aexp.com >
NOTE : Content-Transfer-Encoding : 7bit
NOTE : Content-Type : text/html; charset=ISO-8859-1
NOTE : Received : from adsl-97.79.107.137.tellas.gr (79.107.137.97)


NOTE : Account Alert: Personal Safe Key (PSK)

Phishing analysis :

CLICK : Create your PSK
OPEN : http://verifybyamericanexpress.com/create
NOTE : Website is unresponsive...
NOTE : Domain name analysis...

verifybyamericanexpress.com analysis :

Domain name: verifybyamericanexpress.com
Registry Domain ID: 77428276_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.todaynic.com
Registrar URL: http://www.now.cn/
Update Date: 2016-06-27T16:00:00Z
Creation Date: 2016-06-28T14:44:31Z
Registrar Registration Expiration Date: 2017-06-27T16:00:00Z
Registrar: Todaynic.com, Inc.
Registrar IANA ID: 697
Registrar Abuse Contact Email: cs@now.cn
Registrar Abuse Contact Phone: +86.7563810552
Registrant Name: Mong Lwan
Registrant Organization: n\\a
Registrant Street: 33 Xiamen road
Registrant City: Xiamen
Registrant Province/state: FJ
Registrant Postal Code: 350318
Registrant Country: CN
Registrant Phone: +86.7543376322
Registrant Fax: +86.7543376322
Registrant Email: cs@now.cn
Admin Name: Mong Lwan
Admin Organization: n\\a
Admin Street: 33 Xiamen road
Admin City: Xiamen
Admin Province/state: FJ
Admin Postal Code: 350318
Admin Country: CN
Admin Phone: +86.7543376322
Admin Fax: +86.7543376322
Admin Email: cs@now.cn
Tech Name: Mong Lwan
Tech Organization: n\\a
Tech Street: 33 Xiamen road
Tech City: Xiamen
Tech Province/state: FJ
Tech Postal Code: 350318
Tech Country: CN
Tech Phone: +86.7543376322
Tech Fax: +86.7543376322
Tech Email: cs@now.cn
Name Server: a.dnspod.com
Name Server: b.dnspod.com
DNSSEC: unsigned
Billing Name: Mong Lwan
Billing Organization: n\\a
Billing Street: 33 Xiamen road
Billing City: Xiamen
Billing Province/state: FJ
Billing Postal Code: 350318
Billing Country: CN
Billing Phone: +86.7543376322
Billing Fax: +86.7543376322
Billing Email: cs@now.cn

Friday, June 17, 2016

Account Alert: Personal Safe Key (PSK) (American Express Phishing)

American Express Personal Safe Key (PSK)

Please create your Personal Security Key. Personal Safe Key (PSK) is one of several authentication measures we utilize to ensure we are conducting business with you, and only you, when you contact us for assistance.

American Express uses 128-bit Secure Sockets Layer (SSL) technology. This means that when you are on our secured website the data transferred between American Express and you is encrypted and cannot be viewed by any other party. to create your PSK (Personal Safe Key).
The contained message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. Sincerely, American Express Customer Service.

Create your PSK

Kind regards,
Dave Barry

American Express. All rights reserved.

Email screenshot :


Email analysis :

NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < americanexpress@welcome.aexp.com >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : 7bit
NOTE : Content-Type : text/html; charset=ISO-8859-1
NOTE : Received : from localhost (HELO queue) (127.0.0.1)
NOTE : Received : from unknown (HELO AGSKISAJ) (175.157.252.110)


NOTE : Account Alert: Personal Safe Key (PSK)

Phishing analysis :

CLICK : Create your PSK
OPEN : http://amexpersonalsafetykey.com/create
SCREENSHOT :


CLICK : Log In
REDIRECT : http://amexpersonalsafetykey.com/create/step2.html
SCREENSHOT :


CLICK : Continue
REDIRECT : http://amexpersonalsafetykey.com/create/step3.html
SCREENSHOT :


CLICK : Continue
REDIRECT : http://*.*.id.opendns.com/s/phish.opendns.com/index.php?X-OpenDNS-Session=*_*_*_url=amexpersonalsafetykey.com%2Fcreate%2Fstep3.html&server=ams16&prefs=&tagging=&nref

Whois amexpersonalsafetykey.com :

Domain name: amexpersonalsafetykey.com
Registry Domain ID: 77428276_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.todaynic.com
Registrar URL: http://www.now.cn/
Update Date: 2016-06-16T16:00:00Z
Creation Date: 2016-06-16T17:27:11Z
Registrar Registration Expiration Date: 2017-06-16T16:00:00Z
Registrar: Todaynic.com, Inc.
Registrar IANA ID: 697
Registrar Abuse Contact Email: cs@now.cn
Registrar Abuse Contact Phone: +86.7563810552
Registrant Name: Ping Lun
Registrant Organization: na
Registrant Street: 5\\A Xiamen road park
Registrant City: Xiamen
Registrant Province/state: FJ
Registrant Postal Code: 350344
Registrant Country: CN
Registrant Phone: +86.7543376325
Registrant Phone EXT:
Registrant Fax: +86.7543376325
Registrant Fax EXT:
Registrant Email: cs@now.cn
Registry Admin ID:
Admin Name: Ping Lun
Admin Organization: na
Admin Street: 5\\A Xiamen road park
Admin City: Xiamen
Admin Province/state: FJ
Admin Postal Code: 350344
Admin Country: CN
Admin Phone: +86.7543376325
Admin Phone EXT:
Admin Fax: +86.7543376325
Admin Fax EXT:
Admin Email: cs@now.cn
Registry Tech ID:
Tech Name: Ping Lun
Tech Organization: na
Tech Street: 5\\A Xiamen road park
Tech City: Xiamen
Tech Province/state: FJ
Tech Postal Code: 350344
Tech Country: CN
Tech Phone: +86.7543376325
Tech Phone EXT:
Tech Fax: +86.7543376325
Tech Fax EXT:
Tech Email: cs@now.cn
Name Server: a.dnspod.com
Name Server: b.dnspod.com
Billing Name: Ping Lun
Billing Organization: na
Billing Street: 5\\A Xiamen road park
Billing City: Xiamen
Billing Province/state: FJ
Billing Postal Code: 350344
Billing Country: CN
Billing Phone: +86.7543376325
Billing Phone EXT:
Billing Fax: +86.7543376325
Billing Fax EXT:
Billing Email: cs@now.cn

Wednesday, March 9, 2016

Αχ99608254 (American Express Phishing)

American Express

Hello *@*.com,

Your account may become inactive. Please Continue and review your data.

Continue

Thank You!

Safeguarding You. There are no guidelines about levels of compensation in this area. Often, the parties can reach agreement about the amount of compensation which is appropriate. If they cannot agree, the court will have to decide. If an individual claims a certain amount in compensation, they will need to be able to show how your failure to comply with the Act has resulted in their incurring that amount of loss or damage.

Website Rules and Regulations Trademarks Privacy
Copyright © 2016 American Express Company

Phishing analysis :

CLICK : Continue

OPEN : http://mazurtransportes.com.br/men.php?***

REDIRECT : http://www.amex.com-signinpage.id2432534641f6a850a564167e47e1fdd0fdacef8342d42f0ad67777522257.culichi-town.com/theonlineamexe8479346463427wanp847823/

SCREENSHOT :


VALIDATE : FORM

REDIRECT : http://www.amex.com-signinpage.id2432534641f6a850a564167e47e1fdd0fdacef8342d42f0ad67777522257.culichi-town.com/theonlineamexe8479346463427wanp847823/acountds98038022-902902.php

SCREENSHOT :


VALIDATE : FORM

REDIRECT : http://www.amex.com-signinpage.id2432534641f6a850a564167e47e1fdd0fdacef8342d42f0ad67777522257.culichi-town.com/theonlineamexe8479346463427wanp847823/finisi.php


REDIRECT : https://www.americanexpress.com/us/content/sitemap.html

Email analysis :

NOTE : interview@openid.amex.net
NOTE : interview@open.amex.net
NOTE : Received : from myremote1 (40.77.111.141)


NOTE : by CV2K59CE.cablevision.mx (172.21.30.161)
NOTE : Received : from unknown (HELO corp.cablevision.net.mx)
NOTE : ([172.21.30.160]) by delivery-a-04.corp.cablevision.net.mx

Thursday, March 26, 2015

Irregular card activity (American Express Phishing)

Irregular check card activity
American Express

Dear Customer,

We detected irregular card activity on your American Express Check Card on 25 March, 2015.

As the Primary Contact, you must verify your credit card activity before you can continue using your card, and upon verification, we will remove any restrictions placed on your card.

To review your account as soon as possible please click on the link below.

http://encontrohuambo.com/americanexpress/security.html

Thank you for your Card Membership.

American Express Customer Care
Fraud Department:
Erica Bermudez
Level III Security Officer

Email analysis :

NOTE : ptaqdb@braincells.com.au
NOTE : fraud@americanexpress.com
NOTE : Received : from unknown (HELO VDIIKUGQCH) (81.18.84.195)


Phishing analysis :

CLICK : http://encontrohuambo.com/americanexpress/security.html
RESULT : Page was removed

Whois encontrohuambo.com :

Domain Name: ENCONTROHUAMBO.COM
Registry Domain ID: 1814235286_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.netearthone.com
Registrar URL:
Updated Date: 2014-07-11T11:20:37Z
Creation Date: 2013-07-10T20:31:50Z
Registrar Registration Expiration Date: 2015-07-10T20:31:50Z
Registrar: NetEarth One, Inc.
Registrar IANA ID: 1005
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Domain Status: clientTransferProhibited (http://icann.org/epp#clientTransferProhibited)
Registry Registrant ID:
Registrant Name: Domain Admin
Registrant Organization: WHOIS IDCPrivacy Service c/o IDC (BVI) Limited
Registrant Street: First Floor, 5 Greenwich View Place Visit www.idcprivacy.com to contact the domain contacts. Email to contact@idcprivacy.com for alternative instructions.
Registrant City: London
Registrant State/Province: London
Registrant Postal Code: E14 9NN
Registrant Country: GB
Registrant Phone: +44.2030262854
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: contact@idcprivacy.com
Registry Admin ID:
Admin Name: Domain Admin
Admin Organization: WHOIS IDCPrivacy Service c/o IDC (BVI) Limited
Admin Street: First Floor, 5 Greenwich View Place Visit www.idcprivacy.com to contact the domain contacts. Email to contact@idcprivacy.com for alternative instructions.
Admin City: London
Admin State/Province: London
Admin Postal Code: E14 9NN
Admin Country: GB
Admin Phone: +44.2030262854
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: contact@idcprivacy.com
Registry Tech ID:
Tech Name: Domain Admin
Tech Organization: WHOIS IDCPrivacy Service c/o IDC (BVI) Limited
Tech Street: First Floor, 5 Greenwich View Place Visit www.idcprivacy.com to contact the domain contacts. Email to contact@idcprivacy.com for alternative instructions.
Tech City: London
Tech State/Province: London
Tech Postal Code: E14 9NN
Tech Country: GB
Tech Phone: +44.2030262854
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: contact@idcprivacy.com
Name Server: wdns1.redelx.com
Name Server: wdns2.redelx.com
Name Server: wdns3.redelx.com
Name Server: wdns4.redelx.com
DNSSEC: Unsigned
URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/

Sunday, February 15, 2015

American Express Phishing

Dear Customer:

We are writing to you because we need to speak with you regarding a security concern on your American Express. Our records indicate that you recently used your American Express card on February 10, 2015. For your security, new charges on the accounts listed above may be declined. If applicable, you should advise any Additional Card Member(s) on your account that their new charges may also be declined.

To secure your account , please click log.

Your prompt response regarding this matter is appreciated.

Sincerely,
American Express

Phishing analysis :

CLICK : please click log
OPEN : http://netpeugeot.com/americanexpress/amex.html
NOTE : Phishing was removed.

Email analysis :

NOTE : no-replay@amex.com
NOTE : Unusual activity in your American Express account
NOTE : User-Agent : Roundcube Webmail/1.1.1
NOTE : Received : from p4fc31e77.dip0.t-ipconnect.de (HELO amex.com) (79.195.30.119)

netpeugeot.com whois :

Registrant ID:
Registrant Name: murtaza yiya
Registrant Organization: peugeot ve citroen ozel servisi
Registrant Street: baglarbasi g.o.pasa istanbul
Registrant City: istanbul
Registrant State/Province: turkey
Registrant Postal Code: 34245
Registrant Country: TR
Registrant Phone: +90.05373784445
Registrant Email: myiya@ibb.gov.tr

Thursday, October 30, 2014

Contact Michael Tim (Esq)

Irregular check card activity
American Express

Dear Customer,

We detected irregular card activity on your American Express Check Card on 21 October, 2014. As the Primary Contact, you must verify your credit card activity before you can continue using your card, and upon verification, we will remove any restrictions placed on your card. To review your account as soon as possible please click on the link below.

http://ucsdiagnostic.com/qlgsqpsvgk/wigzbftlar.html

Thank you for your Card Membership.

-------------
American Express Customer Care
Fraud Department:
Erica Bermudez
Level III Security Officer

Email analysis :

NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < ywvh@boston.sisna.com >
NOTE : Received : from host29.181-14-177.telecom.net.ar (181.14.177.29)
NOTE : Irregular card activity

Phishing analysis :

CLICK : http://ucsdiagnostic.com/qlgsqpsvgk/wigzbftlar.html
NOTE : page was corrected by admin

ucsdiagnostic.com whois :

Domain Name: UCSDIAGNOSTIC.COM
Registrar URL: http://www.wildwestdomains.com
Registrant Name: Antonio Santoro
Registrant Organization: UCS DIAGNOSTIC S.R.L.
Name Server: NS1.OMNIBUS.NET
Name Server: NS2.OMNIBUS.NET
DNSSEC: unsigned