If you do business with either American Express (AMEX) or Netflix, be on the alert.  Windows Defender Security Intel has recently reported the detection of two major new phishing-style campaigns aimed at the customers of both businesses.

Recipients have been receiving emails that appear identical to official Netflix and American Express communications.

In both cases, the ultimate goal is to convince customers to hand over their credit or debit card information. Microsoft has sent a couple of different tweets out about the issue.  One of them assures customers that “Machine learning and detonation-based protections in Office 365 ATP protect customers against both campaigns.”

And another warned that “The Netflix campaign lures recipients into giving away credit card and SSN info using a ‘Your account is on hold’ email and a well-crafted payment form attached to the email.”

The unfortunate truth is that emails like the ones currently in play are extremely easy to craft and very compelling.  The hackers simply play on the fears of the customer, making it sound as though if they don’t take immediate action they’ll lose access to a valued service they’ve come to rely on.

There’s essentially no cost to the hacker for pushing out hundreds, or even thousands of emails like the ones currently being used. For each victim that falls prey to the tactic, the costs can be enormous.

As ever, the first best line of defense is education and awareness.  In addition to that, if there’s ever any question at all about the status of your account, the best thing you can do is to address the issue via another channel.

In other words, don’t simply reply to the email you received.  Open a new tab, look up the company’s customer support number and call to verify.  Doing so will tell you in short order whether the email you received was legitimate, or someone trying to separate you from your hard-earned money.

Phishing Email

Phishing EmailPhishing emails look surprisingly legitimate when you don’t know what you’re looking for.  74% of targeted cyber attacks come from email.  In a recent FBI report, ransomware and phishing scams are increasing rapidly with over 246 million dollars compromised in 2015.

Email used to be a much safer exchange.  Spam firewalls kept the bad stuff out and Sandboxing stopped zero-day threats, but gateways are blind to social engineering.  Attacks are now coming in through the “back door” and able to get around security gateways.

Think of cyber criminals like super spies who watch you online.  They know who you are, where you work, your online habits, and who you know.  This information allows them to send you emails from a “trusted” source whether it be from a financial institution or a co-worker.

Phishing Emails

Phishing emails are designed to obtain information by having you click on a link to update financial information.  Check out the example below outlining what you should be looking for.

Phishing Email Example
It’s important to thoroughly check your email to make sure it says the correct information and websites. Often times, the website link will be misspelled (ie: faceboook.com, citybank.com).  It’s best to hover over the link to see what it says.  If you do happen to click on it, make sure it’s the correct website in the browser.  If not, close the browser immediately.

Spear Phishing

In spear phishing, cyber criminals do more digging and spend time researching their highly targeted victim.  The criminal stalks your personal social media profiles and websites you access before baiting you with an email that looks legitimate.  The more time they spend observing your actions, the more they can send you a convincing scam you’ll fall for.

Spear Phishing example

Clara was tagged in her boss, George’s photo on Facebook.  The criminal then finds Clara on LinkedIn and finds out information about her job and company.

Anatomy of spear phishing email

Using the information the criminal found out on social media, he sends an email to Clara from “George” mentioning the party they were both at the previous night.  The criminal follows that up with a request for a money transfer.


Poor employee behavior is a greater email security concern than inadequate tools.  This is why it’s imperative to educate and test your employees about proper protocol on company network, email, and devices.

Interested in training your employees and learning how to protect your company?  Ask about our managed IT services, which includes cyber-security, employee training/testing as well as back-up and recovery options.

Sign up for our cyber security newsletter to receive more tips to keep you safe.

Graphics & info provided by Barracuda.