It looks like a phishing campaign, but it's much worse than that

Jul 6, 2012 14:55 GMT  ·  By

American Express customers may be presented these days with an email that asks them if they’ve verified their users IDs or if they’ve reset their passwords. This is the latest spam email that attempts to lure unsuspecting internauts to a website that hosts a variant of the Blackhole exploit kit.

“Did you recently verify your User ID or reset the password that you use to manage your American Express Card account online?” reads the malicious notification.

NSS Labs experts have analyzed these emails which, at first glance, appear to be part of a phishing campaign.

However, those unfortunate enough to click on the links they carry may end up with a nasty piece of malware on their computers.

The final payload can be anything from a keylogger, a piece of ransomware, or a fake security product. If you come across an email such as this one, be sure to delete it as soon as possible.