Select Page

Cyren Security Blog

The Cyren Security Blog is where Cyren engineers and thought leaders provide insights, research and analysis on a range of current cybersecurity topics.

Home Depot Breach Results in First Phishing Scam

It didn’t take long for scammers to catch a ride on the Home-Depot-data-breach wave. Last week, CYREN caught and blocked emails claiming to be from American Express, containing the “subject header” “American Express – Security concern on Data breach at Home Depot.”


The email takes an insidiously effective approach, reminding customers of the Home Depot breach and advising them to regularly check their online accounts for suspicious activity. Of course, the login link provided takes consumers to a phishing address. And, the “From” email address—[email protected]— (a legitimate American Express email address), is spoofed so the sender is further tricked into assuming that the email is legitimate.

What makes this email particularly dangerous is the content is an almost word-for-word reproduction of a message on the real American Express website relating to the Home Depot breach.


As always, CYREN reminds our readers to watch for clues that an email is fake. In this case, American Express will almost always include the card holder’s first and last name in the email, as well as a few digits of their account number. If this information is missing from the email, then it is very likely that it is fraudulent.

You might also like

What is Microsoft Office 365 Advanced Threat Protection?

Office 365 Advanced Threat Protection (also known as ATP and Defender) can provide your organization with advanced security features - keeping you protected from cybersecurity threats. With today's cybersecurity landscape, where new threats appear daily, if not...