Access to corporate email accounts is highly useful for a targeted attack
Office workers are advised to be on the lookout for phishing emails in which they’re informed by their company’s IT team that they must immediately “reset their email accounts.”The emails read something like this:
This is Your webmail administrator. Please, be informed that the email server has just been upgraded and your email needs to be reset immediately.
This process is to keep the company’s email server updated and protected as always.
Click here to reset your email now
The goal of this particular campaign isn’t to help cybercriminals harvest the details of Yahoo!, Microsoft or Google customers. Instead, the target is something even more valuable: corporate email accounts.
Access to corporate email accounts can be highly useful in a targeted attack and notifications such as this one can be highly effective in helping the crooks collect information.
These emails appear to be targeting users from all over the world. Millersmiles.co.uk reports that users from the US have received such emails.
On the other hand, the Information Technology Services department of the University of Hong Kong also issued a warning about these bogus notifications a few days ago.