It started with an urgent subject line: “Resolve Unusual Activity on Your American Express Account Now.” That is how one scam email tried to trick me into clicking a fake link that claimed to “verify account activity.” It looked official with logos, customer support tone and even a partial account number. But it was a phishing attempt, a common tactic used to steal personal and financial information.
Let’s look at what made this message suspicious and how you can protect yourself.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
HOW TO SPOT AND STOP AI PHISHING SCAMS
How the phishing email scam works
Phishing emails copy trusted companies to create panic and urgency. The goal is simple: get you to click. In this case, the email claimed my American Express account was “temporarily restricted” until I verified my identity.
A fake American Express email tried to steal personal data using urgent, fear-based language. (Kurt "CyberGuy" Knutsson)
A closer look revealed several red flags:
- The sender’s email was not from an official American Express domain.
- The “Click Here” button linked to a strange website.
- The message used fear-based language about account suspension.
Each of these clues points to a fake email designed to steal login details or credit card numbers.
SCAMMERS NOW IMPERSONATE COWORKERS, STEAL EMAIL THREADS IN CONVINCING PHISHING ATTACKS
Learn to spot red flags like strange email addresses and fake “verify account” requests. (Kurt "CyberGuy" Knutsson)
What to do if you receive a phishing email
If an email looks suspicious:
- Do not click any links.
- Check the sender’s address. Real companies use verified domains, not random ones.
- Go directly to the company website by typing the URL into your browser.
- Report the email. American Express asks customers to forward phishing messages to [email protected].
- Delete the email right away.
These steps can protect you from identity theft and financial fraud.
PROTECT YOURSELF FROM SNEAKY WEB INJECTION SCAMS
Strong passwords, 2FA and data removal services help defend against digital scams. (Neil Godwin/Future via Getty Images)
10 tips to protect yourself from phishing emails
Phishing scams that mimic real companies like American Express can slip into your inbox looking almost legitimate. The best way to stay safe is to create strong digital habits that protect your information and your peace of mind. Here are the top ways to defend yourself against phishing threats and financial fraud.
1) Turn on two-factor authentication for financial accounts
Adding two-factor authentication (2FA) creates an extra layer of protection. Even if a scammer gets your password through a fake American Express email, they cannot access your account without your verification code. Most banks and credit card companies offer this free feature in their security settings. Enable it today and make your login stronger.
2) Consider using a data removal service
Data removal services help clean up your personal information from data broker websites that collect and sell your details to advertisers, marketers and even scammers. Reducing your digital footprint limits the amount of information that phishing attackers can use to make fake emails look convincing. In the case of fake American Express messages, less personal data online means fewer details criminals can use to target you directly.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
3) Keep your browser and security software updated
Outdated browsers and antivirus programs leave gaps that scammers can exploit. Regular updates close those gaps and strengthen your defense against phishing links and malicious downloads. Set your software to update automatically so you are always protected when opening emails or clicking links.
4) Review account statements and transactions regularly
Make it a habit to log into your credit card accounts directly from the official website, not from email links. Scan your statements for unfamiliar transactions. Early detection helps you report fraud fast and recover funds before more damage is done.
5) Pause and verify before you click anything
Phishing emails thrive on urgency. Before clicking, take a deep breath and ask yourself: Does this message feel pressured or suspicious? Instead of clicking “verify now,” open a new browser tab and visit the official credit card website to check your account. This one simple pause can stop a scam in its tracks.
6) Use strong antivirus software
Good antivirus software not only blocks viruses but also warns you when a site or email is unsafe. Choose a program that includes phishing detection, real-time web protection and email scanning. These tools can automatically block fraudulent look-alike emails before you even open them.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
7) Use an identity monitoring service
Identity monitoring services keep watch over the dark web and alert you if your personal information, such as your email address, password, or credit card number, appears in stolen data. If scammers gain access to this information, they often use it to create realistic phishing attempts, like the fake American Express “account restricted” email. Early detection through identity monitoring allows you to take action, such as changing passwords, freezing credit, or alerting your bank before real damage occurs.
Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.
8) Learn to recognize official communications
Legitimate companies like American Express will never ask for full account numbers, passwords, or security codes by email. Familiarize yourself with how real messages from your bank look and sound. If something feels off, forward the message to the company’s official fraud department and delete it immediately.
9) Back up your important data securely
If a phishing attack installs malware on your computer, it can lock or delete files. Keep secure backups on an external drive or a trusted cloud service. That way, even if scammers target your system, you will not lose access to your information.
10) Trust your instincts
If an email feels wrong, it probably is. Your intuition is one of your strongest defenses against scams. Combine it with these habits to stay ahead of cybercriminals and keep your personal and financial information safe.
Kurt’s key takeaways
Phishing scams are becoming more advanced, but your awareness is your best defense. When you know how to spot fake emails and stay calm under pressure, you protect both your money and your peace of mind. So next time you get an “urgent” message about your account, ask yourself: Would your bank really contact you this way?
Have you ever received a suspicious email like this? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO GET THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.