Fraudulent Communication

One of the most common types of email fraud is called “phishing”. Phishing is the practice of sending phony email messages that are disguised as legitimate and often include company logos that look real. A typical phishing email will include a false claim about a customer’s account and either a link or button that takes them to a “spoof” website that mimics a reputable company’s actual website, in hopes that they will disclose personal information such as a credit card number or account information. Some phishing emails may also have attachments which may contain potential email viruses. Traditional phishing happens exclusively via the Internet with emails and attachments, but offline phishing involves sending direct faxes and/or postal mailings to consumers or businesses as well.

Examples of Phishing Emails, Faxes, Contracts and Postal Mailings

Example Contract
Latest Email Example
Example Postal Mailing
Example Fax
Example Email 1
Example Email 2
Example Email 3
Example Email 4
Example Email 5
Example Email 6
Example Email 7
Example Email 8
Example Email 9
Example Email 10
Example Email 11

Example of Phishing Email with our partner carrier British Airways

Latest Example Email

What To Do If You Receive a Phishing Email, Fax, Contract or Postal Mailing

American Airlines will never ask you to perform security-related changes to your account in this fashion or send emails to collect user names, passwords, email addresses or other personal information. If you receive an email claiming to be from American Airlines, that asks for account information, it should be considered fraudulent and an attempt to obtain personal information that may be used to commit fraud.

If you receive this type of email, do not click on any links, open any attachments, call any phone numbers listed or follow any instructions in the email. Instead, forward a copy of the email, including the header to webmaster@aa.com so that we can investigate further.

If you receive a phishing fax or postal mailing, please scan the examples and forward via email to webmaster@aa.com. You may also want to file a complaint with the U.S. Postal Inspection Service.

Additional Characteristics of a Phishing Email

  1. Asks for Personal Information: Many phishing emails request personal information such as credit card or account information, passwords, etc. Legitimate emails will never ask you to perform security-related changes to your account or send emails to collect user names, passwords, email addresses or other personal information through email or over the phone.
  2. Official-Looking Sender’s Email Address: The “From” line may include an email address that appears legitimate.
  3. Generic Email Greeting: Many phishing emails begin with something generic like “Dear User” or “Dear Customer”.
  4. False Claims: Many phishing emails make false claims about the status of your account and ask you to update or validate your account by clicking on an embedded link in the email. Some may also include a false sense of urgency and state that your account may be in jeopardy if it is not updated immediately.
  5. Fake Links: Many phishing emails include links that look valid but that send you to a spoof site. Never click on these links as the URL (Web page address) shown may appear to be legitimate (www.aa.com) but may actually display a different URL when you hover over the link with your mouse.
  6. Attachments: Never click on attachments as they may cause you to download spyware or a virus.
  7. Typos and Poor Grammar: Many phishing emails contain typos and poor grammar in the content.