"Phishing Scheme Targets Amex Cardholders"

Researchers have recently uncovered a new type of phishing campaign that is targeting American Express card users. When these incidents occur, attackers are sending a hyperlink as part of a phony account update to access the victim's credentials and other account details. What makes this phishing attack different from most phishing attacks, is that instead of using a hyperlink to send victims to a malicious landing page, this scheme deploys an embedded "base href" URL to help hide the true intent from anti-virus and other security tools.  The attackers behind this phishing campaign sought out as many American Express users as possible and did not discriminate between corporate users or consumers.  The number of affected customers, the date of the attack, or whether any data has appeared on dark net forums remains unknown.

BankInfoSecurity reports: "Phishing Scheme Targets Amex Cardholders"