New Phishing Scam: Recent Influx of Merchant Credit / Refund Emails
A recent phishing scam has produced an influx of emails that appear to come from your credit card company. You may receive a series of emails from the same sender, all built around a similar theme: resolving a dispute and/or issuing a refund to your credit card or banking account.
This post discusses a new phishing scam whose emails claim to include information about a merchant credit or refund to one of your credit card or banking accounts.
A phishing scam is one where someone impersonates a legitimate business, hoping to connect with that business's customers. The impersonation is used in an attempt to gather users' login or other personal information, which can cause harm to the person receiving the email.
What you need to know
A phishing scam that has recently ramped up involves emails that claim to come from credit card or banking institutions and state that they are working on your dispute/claim. The emails vary somewhat, but the subjects are generally along the lines of "following up on your dispute/claim", "your dispute/claim has been completed - check the status now", or "we have received your dispute/claim and are working on it".
The purpose of all of these emails is to get your attention. If they can get your attention with the subject, perhaps they can get you to open the email, and from there, click on links they have included in the email. Beyond that, they will likely try to get you to enter account credentials you would use with the account they have pretended to be emailing you about.
Here are some examples of what the emails look like for both a credit card and banking account. These show the email subject lines, the domain they are being sent from as well as what the email content looks like:


In the first example, the amount of the "dispute" is included. In the second example, there is no amount listed, obviously hoping you will click the link to "view the dispute status".
There are several ways to know these are phishing scams, including:
- The domain the email was sent from is secure.net for both examples. If these were truly from American Express or Bank of America, respectively, they would be from those domains - americanexpress.com or bankofamerica.com.
- Also, in both examples, the email sender is the name of the bank, rather than customer support or inquiries@ their domain. Banks and credit card companies do not send emails from their company name @ their company name, for example AmericanExpress@AmericanExpress.com.
- The emails are not very professional compared to what you would normally get from a bank or credit card company.
- The greeting (which has been blurred) is not the recipient's actual name.
- Possibly most importantly: a dispute with the credit card and bank agencies was not initiated by the person receiving the email.
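The first two checks in the list above, plus the dispute/claim subject theme, can be automated in a mail filter. The following is an added example, not part of the original post; the brand-to-domain table, the function names and the sample messages are constructed for illustration, using only the domains named above.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list: brand name -> legitimate sending domains (from the post).
BRAND_DOMAINS = {
    "american express": {"americanexpress.com"},
    "bank of america": {"bankofamerica.com"},
}
# Subject theme described in the post: dispute / claim follow-ups.
SUBJECT_RE = re.compile(r"\b(dispute|claim)\b", re.IGNORECASE)

# Constructed sample messages (not real captures).
SAMPLE_PHISH = ("From: American Express <AmericanExpress@secure.net>\n"
                "Subject: Your dispute has been completed - check the status now\n\n"
                "View the dispute status\n")
SAMPLE_LEGIT = ("From: American Express <inquiries@americanexpress.com>\n"
                "Subject: Your statement is ready\n\nHello\n")

def _normalize(text):
    """Lower-case and drop non-alphanumerics so 'AmericanExpress' matches."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def _domain_matches(domain, allowed):
    """True if domain is an allowed domain or a true subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)

def check_message(raw):
    """Return the phishing indicators found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    local, _, domain = addr.lower().rpartition("@")
    findings = []
    for brand, allowed in BRAND_DOMAINS.items():
        key = _normalize(brand)
        # Brand claimed in the display name or the local part of the address...
        if key in _normalize(display) or key in _normalize(local):
            # ...but the sending domain does not belong to that brand.
            if not _domain_matches(domain, allowed):
                findings.append(f"brand '{brand}' claimed but sent from '{domain}'")
    if SUBJECT_RE.search(msg.get("Subject", "")):
        findings.append("dispute/claim subject line")
    return findings

if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, check_message(raw))
```

A From header can be forged, so an address that passes this check is not proof the message is genuine; the subject match alone is also weak, since a real dispute notice would trigger it.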
What you can do
The best thing you can do is to not open any emails with these subjects unless you have in fact initiated a dispute with that company and are expecting information. Even then, you are better off logging into the company's website or app to get updates about your dispute.
If you see emails like this and are sure they are phishing emails like those in the example images above, delete them and mark them as SPAM to try to prevent additional emails from the same email address. If you open one of these emails before realizing it is a scam, simply close it and delete it, still marking it as SPAM. Do not click on any of the links in the email. As with any email you receive that you did not expect to get or initiate, do not open the email or click on any links. When in doubt, always go directly to the website or app, or call the company involved in the potential scam, and verify your information there.
As always, taking the time to slow down and verify information before moving forward is the key to protecting the privacy and security of your data.