How to recognise and avoid phishing scams

 

Learn how to identify, avoid, and report phishing attempts to help keep your personal information and finances secure.

 

 

 

What is a phishing scam?

 

Phishing is a very common type of cybercrime that aims
to trick people into revealing personal information, which
is often then used for financial gain.

 



How can you be sure that it’s
American Express contacting you?

 

We will never call you and ask for the following:



 

 



Full ID
details

 

 

 

 



One-time
verification codes

 

 

 

 



Logins
and passwords

 

 

 

 



Your Card
details or PIN

 

 

 

Examples of phishing scams



Phishing often occurs via email, phone, SMS or voicemail.

• An email that appears to be from your bank or credit card company, asking you log in or verify your account details via link.

• A text message claiming to be from a reputable company, urging you to click a link to resolve an issue with your account.

• A phone call or a voice message from someone pretending to be from your bank or a government agency, demanding immediate action to secure your account or avoid legal trouble.

 

 

Common phishing scam tactics

 

Here’s some common phishing themes:

Appealing offers: If it seems too good to be true, it probably is. Be extra cautious and check for legitimacy.

Urgent action: Attackers often inject a sense of urgency to make you feel you need to act straightaway. They may tell you your account has been suspended or that they’ve detected suspicious activity – and you must log in immediately to fix the problem.

Incorrect recipients: Phishing emails may not address you by name – “Dear Customer”– or may even use an incorrect name.

Attachments or links: Emails containing attachments or links should be treated with suspicion. Scammers may disguise malicious links, for example, use a “1” in place of an “l” – which is almost undetectable.

 

How to prevent phishing scams



Here are some ways to help avoid falling for a phishing scam:

• Don’t respond to a request for information if you recognise any of the warning signs listed above. Remember, it’s easy for scammers to appear to come from legitimate institutions.

• Don’t click on an attachment or link unless you’re sure it’s legitimate. If you’re using a computer, hover your cursor over the link to reveal the real URL.

• If a request seems odd, unusual, or suspicious, it probably is. If it appears to be from a company or someone you know, contact them by phone or another method to make sure they really sent the request.

• When in doubt, visit a website directly by typing the address into your browser instead of clicking on a link.

• Use multifactor authentication. This adds a layer of safety by requiring an additional identification method to log in to your account.

 

shield

What to do if you receive a phishing scam

 

If you receive an email relating to American Express that you believe could be fraudulent, call us immediately
on 0800 656 660 from New Zealand or +64 9 583 8300 from overseas.

 

If you feel your American Express Account information has been compromised, please contact American Express immediately by calling
the number on the back of your Card.

Other service and security benefits

Chip and PIN

 

How to use Chip & PIN and
Contactless Payments

Learn more (opens new window)

Card fraud alerts

 

Set up security alerts to protect
against fraud

Learn more (opens new window)

Online privacy

 

View American Express privacy
principles and policies

Learn more (opens new window)

Not an American Express Card Member yet?

Explore our Cards (opens new window)