What's a phishing email?
Phishing emails are messages made to look as though they were sent from a bank, credit card company or other trusted organisation.
What do they contain?
Fraudsters will typically try to trick you into clicking through to a fake website. You may be told that if you don't follow the link and update your password, your account will be suspended.
Once on the fake site, you could be asked to enter sensitive information such as your login details, password or account number. Like the phishing email, the site will look genuine.
How can I spot one?
If you think you might have received a phishing email from American Express®, the first thing to do is check the email address it came from. We will normally email you from the following addresses:
@americanexpress.com.sg
@email.americanexpress.com
@welcome.aexp.com
@americanexpress.com
@aexpfeedback.com
@aexp.com
@americanexpress.co.sg
@welcome.americanexpress.com
If we're emailing you about your Account, the message will usually also contain your first and last name and the last few digits of your Account number.
Other ways to spot a phishing email
• The sender calls you something general like “customer” instead of your name.
• They want you to act urgently. For example, they might tell you that unless you do
something right away, your Account may be closed.
• They want you to open an attachment you weren’t expecting.
• The email contains spelling and grammar mistakes.
• The email is sent from a different address or a free website address.
• They ask for personal information such as your username, password or bank details.
• Hover your cursor over the URL to check the link is what you expect it to be.
Reporting email scams
If you think an email looks like a phishing attempt, forward it to
spoof@americanexpress.com as soon as you can.
Please do not include your Account number in the email.
If you think your American Express® Account information has
been compromised, give us a call straight away.
How to help protect yourself against email scams?
• Don’t give out your Card details, login details or password.
• Keep your antivirus software, firewall and security patches up to date.
• Don’t reply to emails from unknown sources, open their attachments or click on any links.
• Make sure your email system’s spam filter is switched on. Most can be set to allow emails from trusted sources and block those from untrusted sources.
Phone Scams
Fraudsters may also try to obtain your details over the phone - a process often known as vishing. This is a form of social engineering, which means obtaining sensitive information from people through deception and manipulation.
Be wary of anyone asking for your personal information. For example, American Express® will never ask for your Account details by email or phone. We do ask for a few security questions just to confirm who you are, but would normally only ask for partial answers so your personal information isn’t revealed. If something doesn’t feel right, simply hang up and call us on the number shown on the back of your Card.
SMS Phishing
Fraudsters may send you a text message that asks you to confirm your Account details. You can spot them in the same ways you can spot a phishing email. Contact us straight away if something seems odd.
Bin-raiding
The oldest trick in the book – rooting through your bin to find personal details and account information. Fraudsters still do this, even in the digital age, so stay on the safe side by shredding bank statements and any other documents that contain sensitive information.
Find out how we protect you
Protect your identity online
Not an American Express® Card Member yet?