Remove “American Express – Sign-in Attempt Was Blocked” email

The “American Express – Unrecognized Transaction” email is a phishing attempt that intends to steal users’ online banking login credentials. The email is disguised as a security alert from American Express, and it falsely informs you that there has been an unrecognized login attempt to your account. The login attempt has supposedly been blocked, but you need to review recent activity for security reasons. The email includes a button that you are urged to click to supposedly review the activity. However, this button will redirect you to a phishing site that imitates the American Express website. Should you enter your credentials on the site, the information will immediately be sent to the cybercriminals behind the phishing campaign. This can grant malicious actors access to your account, potentially enabling them to carry out unauthorized transactions.

 

 

The “American Express – Sign-in Attempt Was Blocked” phishing email is designed to appear as an official notification from American Express, alerting you about a recent unrecognized login. The email doesn’t have much information, only a prompt to review your activity for security reasons. The email has a “Review Activity” button, which will lead you to a phishing site. Phishing sites are usually made to resemble legitimate ones in design, but the URL will never be the same. This particular phishing site is imitating the one for American Express. If you enter your login credentials on this site, they will be stolen. Cybercriminals could potentially use the stolen credentials to access your account and carry out unauthorized transactions.

The full “American Express – Sign-in Attempt Was Blocked” email contents are below:

Subject: We Blocked a Suspicious Sign-In to Your Account

Critical Security Alert.

Sign-in attempt was blocked

Someone tried to sign in to your account using your password, but American Express blocked the attempt.

For security reasons, your account has been flagged and requires immediate attention. We recommend completing the steps below within the next few hours.

Review Activity

You’re receiving this email because you asked us to let you know about important changes to your American Express account.

Notice: You may request communications in an alternative format to accommodate your needs. Please contact us by clicking the Contact us link below.

Cybercriminals always target login credentials, especially for accounts related to money. It’s very important that you know how to spot phishing emails to protect your finances. If you’ve fallen victim to this phishing scam, reach out to American Express right away to inform them of the situation and prevent any unauthorized access to your online bank account.

Signs of a phishing email

Phishing campaigns targeting a large number of users often use very generic emails, making them relatively easy to identify. These emails are typically not personalized and are riddled with spelling and grammar mistakes. However, users who are specifically targeted in more sophisticated phishing attempts may receive highly credible-looking emails. Fortunately, you are much more likely to encounter the simpler, more easily recognizable phishing emails.

If you receive an unsolicited email prompting you to click a link or open an attachment, the first step is to verify the sender’s email address, especially if the sender claims to be someone like a bank or government agency. You can check whether an email address actually belongs to whomever the sender claims to be with a simple search. If you cannot find any traces of the email address, it’s more than likely malicious. Generic phishing emails are frequently sent from random, clearly malicious addresses, while more advanced attacks may use email addresses closely resembling those of legitimate companies or organizations. For instance, the “American Express – Sign-in Attempt Was Blocked” email is clearly not sent from an official American Express account, as a quick glance is enough to expose it as a phishing attempt, even without examining the content.

Another key indicator of phishing emails is poor grammar and spelling, which are pretty obvious red flags. Though the “American Express – Sign-in Attempt Was Blocked” email does not have glaring mistakes, it does not look professional enough to be sent by a sender like American Express.

Always take the time to carefully check all emails urging immediate action, such as clicking a link or opening an attachment. Hover over any links to verify their authenticity and ensure they lead to legitimate websites. Always check the URL of a site before you log in, and avoid clicking on links in emails altogether.