Yesterday, I was playing with my kids on the couch when I decided to take a quick look at my emails just in case there was something time sensitive like a media request for a travel expert, as they need to be replied to pronto or you miss the opportunity.
There wasn’t an email from a news station but there was one from American Airlines stating: “Your primary email was changed.” As you can see from the screenshot below it looked legit – especially on my phone.
I had just been on AA.com earlier in the day to cancel a flight I had for today to New York as I was supposed to attend a conference (but I bowed out due to Covid) so I thought I might have been hacked.
But when I went to my computer to get a closer look and hovered over the link to see the actual email address of the sender, I quickly realized it was a total scam (screenshot below).
However, even if I didn’t have my computer nearby, I still wouldn’t have clicked a link in a suspicious email. Instead, I would go directly to AA.com (or whichever site they’re pretending to be) and change my password.
So be on the lookout for this AA phishing scam and never click the link in the email or any email unless you know for certain it’s legitimate. You can always just type in the web address manually to avoid hackers from infecting your computer or getting hold of your login credentials.
BTW: I looked up American Airlines phishing scam to report the email and I found this email address (firstname.lastname@example.org) so I forwarded it to them. I highly doubt AA will do anything about it and not sure what they can, which is why again I’m alerting you.
While I have your attention, I should also add that I get these kind of phishing emails almost every day on my Facebook business page where scammers claim to be from Facebook and tell me that my account might be suspended. They will do anything to sucker you so just don’t fall for it.
KEEP READING: A Phishing Scam I Almost Fell For During the Pandemic
Whitney, you should look at INKY anti-phishing software (inky.com). It takes the guesswork out of stopping phish.
VP, Security Strategy
INKY Technology Corp.