Webmail Phishing Scam: Your Email Needs to Be Reset Immediately

Access to corporate email accounts is highly useful for a targeted attack

By on January 21st, 2013 19:41 GMT

Office workers are advised to be on the lookout for phishing emails in which they’re informed by their company’s IT team that they must immediately “reset their email accounts.”

The emails read something like this:

“Attention:

This is Your webmail administrator. Please, be informed that the email server has just been upgraded and your email needs to be reset immediately.

This process is to keep the company’s email server updated and protected as always.
Click here to reset your email now

Regards,
Email Administrator.”

The goal of this particular campaign isn’t to help cybercriminals harvest the details of Yahoo!, Microsoft or Google customers. Instead, the target is something even more valuable: corporate email accounts.

Access to corporate email accounts can be highly useful in a targeted attack and notifications such as this one can be highly effective in helping the crooks collect information.

These emails appear to be targeting users from all over the world. Millersmiles.co.uk reports that users from the US have received such emails.

On the other hand, the Information Technology Services department of the University of Hong Kong also issued a warning about these bogus notifications a few days ago.

Comments