Cybercriminals try to fool internauts into handing over their usernames and passwords

May 14, 2012 09:53 GMT  ·  By

Hotmail customers are advised to be on the lookout for emails entitled “E-mail account alert!” which notify them that their accounts have been blocked. These messages hide a link which points to a malicious website that urges the potential victim to provide his login credentials.

Here’s part of the shady notification, provided by the folks from Hoax Slayer:

This e-mail has been sent to you by Hotmail to inform you that your account has been blocked.

Why are you seeing this? Someone may have used your account to send out a lot of junk messages (or something else that violates the Windows Live Terms of Service). We're here to help you get your account back. What do you need to do?

We'll ask you to login to our secured activation page by following the link below and re-activate your account. [Link]

If you have already confirmed your account information then please disregard this message.

Users who fall for the scam and click on the shady link are taken to a website that almost perfectly replicates the genuine Windows Live login webpage. Once the username and password are provided, the unsuspecting victim is taken to the legitimate website.

This might make him/her believe that the login simply failed. When they do sign on to their account, they may think that the re-activation process was successful.

While it is true that cybercriminals use compromised accounts to send out spam and other malicious notifications, internauts shouldn’t rush to trust every email they receive.

On the contrary! With all the malevolent plots making the rounds online, users should see every alert as a potential threat.

There are a few simple steps that can be taken to verify a notification’s legitimacy. First, look at the sender’s email address. Even though many of them are spoofed to look like they originate from a legitimate address, in some cases you will see that the sender is something like [email protected].

The name of the site that hides behind the link is also very important. If the hyperlink points to any other URL than the company’s official one, it’s most likely a scam.