Friday, June 17, 2016

Account Alert: Personal Safe Key (PSK) (American Express Phishing)

American Express Personal Safe Key (PSK)

Please create your Personal Security Key. Personal Safe Key (PSK) is one of several authentication measures we utilize to ensure we are conducting business with you, and only you, when you contact us for assistance.

American Express uses 128-bit Secure Sockets Layer (SSL) technology. This means that when you are on our secured website the data transferred between American Express and you is encrypted and cannot be viewed by any other party. to create your PSK (Personal Safe Key).
The contained message may be privileged, confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. Sincerely, American Express Customer Service.

Create your PSK

Kind regards,
Dave Barry

American Express. All rights reserved.

Email screenshot :


Email analysis :

NOTE : User-Agent : Mozilla/5.0 (Windows NT 6.1; rv:24.0)
NOTE : Gecko/20100101 Thunderbird/24.2.0
NOTE : Return-Path : < americanexpress@welcome.aexp.com >
NOTE : Mime-Version : 1.0
NOTE : Content-Transfer-Encoding : 7bit
NOTE : Content-Type : text/html; charset=ISO-8859-1
NOTE : Received : from localhost (HELO queue) (127.0.0.1)
NOTE : Received : from unknown (HELO AGSKISAJ) (175.157.252.110)


NOTE : Account Alert: Personal Safe Key (PSK)

Phishing analysis :

CLICK : Create your PSK
OPEN : http://amexpersonalsafetykey.com/create
SCREENSHOT :


CLICK : Log In
REDIRECT : http://amexpersonalsafetykey.com/create/step2.html
SCREENSHOT :


CLICK : Continue
REDIRECT : http://amexpersonalsafetykey.com/create/step3.html
SCREENSHOT :


CLICK : Continue
REDIRECT : http://*.*.id.opendns.com/s/phish.opendns.com/index.php?X-OpenDNS-Session=*_*_*_url=amexpersonalsafetykey.com%2Fcreate%2Fstep3.html&server=ams16&prefs=&tagging=&nref

Whois amexpersonalsafetykey.com :

Domain name: amexpersonalsafetykey.com
Registry Domain ID: 77428276_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.todaynic.com
Registrar URL: http://www.now.cn/
Update Date: 2016-06-16T16:00:00Z
Creation Date: 2016-06-16T17:27:11Z
Registrar Registration Expiration Date: 2017-06-16T16:00:00Z
Registrar: Todaynic.com, Inc.
Registrar IANA ID: 697
Registrar Abuse Contact Email: cs@now.cn
Registrar Abuse Contact Phone: +86.7563810552
Registrant Name: Ping Lun
Registrant Organization: na
Registrant Street: 5\\A Xiamen road park
Registrant City: Xiamen
Registrant Province/state: FJ
Registrant Postal Code: 350344
Registrant Country: CN
Registrant Phone: +86.7543376325
Registrant Phone EXT:
Registrant Fax: +86.7543376325
Registrant Fax EXT:
Registrant Email: cs@now.cn
Registry Admin ID:
Admin Name: Ping Lun
Admin Organization: na
Admin Street: 5\\A Xiamen road park
Admin City: Xiamen
Admin Province/state: FJ
Admin Postal Code: 350344
Admin Country: CN
Admin Phone: +86.7543376325
Admin Phone EXT:
Admin Fax: +86.7543376325
Admin Fax EXT:
Admin Email: cs@now.cn
Registry Tech ID:
Tech Name: Ping Lun
Tech Organization: na
Tech Street: 5\\A Xiamen road park
Tech City: Xiamen
Tech Province/state: FJ
Tech Postal Code: 350344
Tech Country: CN
Tech Phone: +86.7543376325
Tech Phone EXT:
Tech Fax: +86.7543376325
Tech Fax EXT:
Tech Email: cs@now.cn
Name Server: a.dnspod.com
Name Server: b.dnspod.com
Billing Name: Ping Lun
Billing Organization: na
Billing Street: 5\\A Xiamen road park
Billing City: Xiamen
Billing Province/state: FJ
Billing Postal Code: 350344
Billing Country: CN
Billing Phone: +86.7543376325
Billing Phone EXT:
Billing Fax: +86.7543376325
Billing Fax EXT:
Billing Email: cs@now.cn

No comments:

Post a Comment