A scheme that's designed to harvest all types of credentials
A clever email account phishing scam has been making the rounds in the past few days. The recipients of phony messages entitled “Email Deactivation Warning” are notified that their address has been “queued for deactivation.”The fake messages (via Hoax Slayer) look something like this:
Dear [email address]
This is an automatic message from our servers; If you are receiving this message it means that your email address has been queued for deactivation. This was as a result of a continuous error received from this email address (code:505).
Please Click [Link] to resolve this problem.
Note: Failure to resolve this problem by ignoring this message would result to the deactivation of your account.
We apologize for any inconvenience and appreciate your understanding.
The clever thing about this particular scheme is that it can target any email users, including Yahoo, Gmail, Hotmail or AOL.
The crooks are most likely not interested in specific types of accounts, so they’ll be happy with any kind of login credentials they can harvest.
Internauts who click on the link are taken to a simple webpage that displays a form which contains the following fields: user ID, email, password, and password confirmation.
Once these details are input and the Login button is pressed, the valuable information is instantly stored in a database owned by the cybercriminals.
To ensure that the credential sets they gather are not incorrect, the following message is displayed:
Your Information Has Been Submitted Successfully.
Note: Inputting Wrong Information will result to de-activation of your email address.
Click Here to correct your submitted information.
As Brett Christensen highlights, email providers will never send out such generic messages to warn customers of account issues. This is why users are always advised to be on the lookout for such notifications and ignore their requests.