Phishing Alert: Fake American Express Email Entitled “Recent Activity Report” Contains Link to Harmful Web site and Attachment

Friday, December 14, 2012

Computing Services and Systems Development (CSSD) has received reports of a new email phishing scam being received by members of the University community. The email, entitled "Recent Activity Report", claims to be a notice from American Express with an attachment summarizing suspicious activity on your credit card account. If you receive this message or one similar to it, delete it without replying and without opening any attachments.

The following is a sample of the fraudulent email:

* * * * * * * * * * * * * * * * SAMPLE * * * * * * * * * * * * * * *

From: American Express []

Sent: Thursday, December 13, 2012 11:34 AM

Subject: Recent Activity Report - Incident #KQQTLS8W

As part of our security measures, we deliver appropriate monitoring of transactions and customers to identify potentially unusual or suspicious activity and transactions in the American Express online system.

Please review the "Suspicious Activity Report" document attached to this email.

Your Cardmember information is included in the upper-right corner of this document to help you recognize this as a customer service e-mail from American Express. To learn more about e-mail security or report a suspicious e-mail, please visit us at

Thank you for your Cardmembership.

Tier III Support
American Express Account Security
Fraud Prevention and Detection Network

Copyright 2012 American Express Company. All rights reserved.

* * * * * * * * * * * * * * END SAMPLE * * * * * * * * * * * * * *
CSSD recommends that you do not reply to unsolicited emails or emails from unverifiable sources. You should also avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. Symantec Endpoint Protection can be downloaded at no cost through the Software Download Service at My Pitt (

Get Help