Why this looks valid

• The sender email address looks like it is from American Express
• Web sites often ask users to confirm their accounts
• The website uses American Express logos and looks almost exactly like the Amex website

Why this is phishing

• The link in the email is not actually American Express
• The email lacks a personal greeting
• The email has awkward sentence constructions and grammar, a good indicator of a malicious email
• The fake website asks for a lot of personal information

Additional notes

• This is an extremely dangerous phishing attempt. If you clicked on this link and filled in any information, you should contact American Express directly
• Always enable multi-factor authentication:  always enable MFA wherever it is offered, including financial websites
• Remember:  always check the link.  You can hover over the link in the email to ensure that it going to a valid service
• Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing
• A little paranoia goes a long way! Be suspicious of any email messages similar to this one