Account Take Over Fraud occurs when a criminal uses fraudulently obtained personal information to access and use Card accounts in someone else’s name.
This involves criminals gathering personal information about the intended victim. The criminal will then contact the Card issuer (pretending to be the genuine cardholder) change the security and/or address details on the account without the genuine Cardholders knowledge and then arrange for a replacement Card and/or PIN to be sent to a different address.
How does Identity Theft happen?
Identity theft commonly begins with the loss or theft of a wallet or purse. But there are many other ways that criminals can obtain and use your personal information in order to commit identity theft. The following are some examples:
Phishing
Refers to fraudulent communication designed to deceive consumers into divulging personal, financial or account information. Phishing (pronounced “Fishing”) e-mails continue to be prevalent for individuals and companies.
Spoofing well-known companies, these e-mails ask consumers to reply, or "click" a link to a fraudulent web page that will ask for personal information, such as their credit card number, Social Security number or account password.
What are Phishing E-mails looking for:
- Password or PIN.
- Card validation code.
- Card Number.
- Passport or national ID number.
- Date of birth.
- Billing or residential address.
- Contact numbers.
These fraudulent e-mails are often difficult to identify, and often but not always they contain attachments. However there are some techniques you can use to protect yourself. Below are some examples:
E-mail greetings
Always be suspicious of e-mails that do not greet you by name. While not impossible, it is more difficult and costly for phishers to associate an e-mail address with the e-mail owners name on a mass scale. Because of this, phishing e-mails most often are addressed generically like "Dear Customer" or "Dear Cardmember."
When you receive an e-mail from American Express related to your Card Account, it will never include your full Card Account number. If you receive an e-mail regarding your American Express Card Account and it contains this information, it may be fraudulent. If you are concerned about the legitimacy of an e-mail from American Express you can forward the e-mail to fraudprotection@americanexpress.com.bh If the e-mail is fraudulent we will take the appropriate actions.
Sense of urgency
Phishing e-mails often try to create a false sense of urgency intended to provoke the recipient to take immediate action; for example, phishing e-mails frequently instruct recipients to "validate" or "update" account information or face cancellation. Be very cautious of any e-mail asking you to update sensitive information particularly if it has a generic greeting
Urgency of messages are commonly justified with:
- For security maintenance of your account.
- For investigations of irregularities.
- Your account has been frozen.
- We need to reconfirm your details.
- Your credit card has been cancelled.
Technical tips to protect yourself online
Install and upgrade the latest security updates and patches. | Equip your computer with effective virus software. |
Use a personal firewall. | Use anti spyware programme. |
Keep your password secure. | Always log off. |
Protect your computer with password. | Disable the AutoComplete function. |
Secure your wireless network. | Don’t use administrator mode. |
Block/report spam E-mails. | Save the official American Express URL in favorites |
Phone Phishing
Is another way fraudsters try to collect sensitive information from you. In this type of fraud, the fraudster will either contact you by telephone or send you a fake e-mail and ask for you to respond by telephone.
If you are ever in doubt about American Express contacting you by phone, simply call the number on the back of your Card or on your Card Account Statement. Be sure to enter your Card Account number when prompted and you will be routed to the correct department for assistance.
What should you do if you suspect an E-mail is a Phishing attempt?
If you receive an e-mail claiming to be from American Express that you believe to be suspicious;
- Do not click on hyper links or open attachments.
- Check our official website http://www.americanexpress.com.bh/ if the embedded link exists.
- Forward the Email immediately to fraudprotection@americanexpress.com.bh
- Delete the original phishing message from your inbox.
We will review the e-mail and, if it is fraudulent, we will take appropriate action. Please note that you will receive an auto response from American Express acknowledging the receipt of your e-mail.
Click here to know what to do if you have entered a sensitive information on to a fraudulent website.