An
Email with the Subject "Important: Personal Security Key" was
received in one of Scamdex's honeypot email accounts on Thu, 27 Feb 2014 08:06:20 -0800
and has been classified as a Generic Scam Email.
The sender shows as "American Express" <AmericanExpress@welcome.aexp.com>.
The email address was probably spoofed. Do not reply to or contact any persons or organizations referenced in
this email, or follow any URLs as you may expose yourself to scammers and, at the very least, you will be
added to their email address lists for spam purposes.
Scam TagCloud
expressverificationactivityendedcheckcontactaccountagentpaymentresponsiblecustomerserviceaccesscustomverifysecurereportmailconfidentialreference will securityhttps://www.americanexpre...
NO CHART DATA - EMAIL HAS NOT YET BEEN ANALYSED
Scam Email Headers
This a (redacted) view of the raw email headers of this scam email.
Personally Identifiable Information (PII) has been suppressed, but can be
supplied as received to appropriate investigating or law enforcement agencies on request.
EEEEEstdClass Object
(
[return-path:] =>
[envelope-to:] => am@scamdex.com
[delivery-date:] => Thu, 27 Feb 2014 08:06:20 -0800
[received:] => from 93-96-13-84.zone4.bethere.co.uk ([93.96.13.84]:58976 helo=O2WirelessBox.lan)by lester.newsblaze.com with esmtp (Exim 4.80.1)(envelope-from )id 1WJ3TY-0005l3-6tfor am@scamdex.com; Thu, 27 Feb 2014 08:06:20 -0800
[message-id:] =>
[date:] => Thu, 27 Feb 2014 16:06:21 +0000
[from:] => "American Express"
[user-agent:] => Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
[mime-version:] => 1.0
[to:] =>
[subject:] => Important: Personal Security Key
[content-type:] => text/html; charset=ISO-8859-1
[content-transfer-encoding:] => 7bit
[x-spam-status:] => No, score=3.5
[x-spam-score:] => 35
[x-spam-bar:] => +++
[x-ham-report:] => Spam detection software, running on the system "lester.newsblaze.com", hasidentified this incoming email as possible spam. The original messagehas been attached to this so you can view it (if it isn't spam) or labelsimilar future email. If you have any questions, seeroot\@localhost for details.Content preview: View Account Make a Payment Manage Alerts Preferences [...] Content analysis details: (3.5 points, 4.0 required) pts rule name description---- ---------------------- -------------------------------------------------- 2.0 HELO_LH_HOME HELO_LH_HOME 0.0 TVD_RCVD_IP TVD_RCVD_IP 0.0 HTML_MESSAGE BODY: HTML included in message 1.1 MIME_HTML_ONLY BODY: Message only has text/html MIME parts 0.4 RDNS_DYNAMIC Delivered to internal network by host with dynamic-looking rDNS
[x-spam-flag:] => NO
)
Domain Names used for collecting scam email ("Honeypot email accounts") have been obscured and replaced with the token 'HUN1P0T'
Community Action - SPAM/non-Scam Report
Occasionally, incorrectly categorized emails get into the Scamdex Scam Email Database and need to be removed. If this
email has Personally Identifiable Information (PII), or is, in your opinion, from a bona-fide entity, let us know.
Scamdex will, as soon as is practicable, take-down any emails that in our opinion should not
be in our database. Note that ALL emails in the Scamdex Scam Email Database were received as Unsolicited Commercial Email, aka UCE or
SPAM, via unpublished 'Honeypot' email addresses.
View Account
Make a Payment
Manage Alerts Preferences
Irregular card activity
We detected irregular card activity on your American Express
Check Card on 27 February, 2014.
As the Primary Contact, you must verify your account activity before you can
continue using your card, and upon verification, we will remove any restrictions
placed on your account.
To review your account as soon as possible please.
Please click on the link below to verify your information with us:
https://www.americanexpress.com/
If you account information is not updated within 24 hours then your ability
to access your account will be restricted.
