Issue 143 - November 2012 (2nd Edition) - Page 15
Webmail Account Phishing Scam
Emails claim that recipients must confirm or re-validate their account by clicking a link or opening an attachment and providing username and password details or their webmail account will be permanently
The emails are phishing scams designed to trick users into submitting their email account login details to cybercriminals.
Last updated: November 1, 2012
First published: August, 27, 2008
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slay
From Email Helpdesk Centre
Subject: Dear Subscriber
We are updating our database and e-mail accounts. To this effect, deleting all unused E-mail account and create more space for new accounts. To ensure that you do not experience service disruption during this period, you need to provide the following details as stated in the link below;
To re-validated your account, click the link below or copy paste on your web browser
Warning!!! Account owner that refuses to update his or her account before two weeks of receiving this warning may lose his or her account permanently.
Thank you for using our mail system
Subject: Dear Webmail Subscriber Confirm Your Account.
From: "WEB SUPPORT TEAM"
Dear Webmail Account Owner,
This message is from web mail admin messaging center to all web mail
account owners. We are currently upgrading our data base and e-mail
account center. We are canceling unused web mail email account to create
more space for new accounts.
To prevent your account from closing you will have to update it below so
that we will know it's status as a currently used account.
CONFIRM YOUR EMAIL IDENTITY BELOW
Email Username : .............
Email Password : ................
Date of Birth : .................
Warning!!! Any account owner that refuses to update his or her account
within Three days of this update notification will lose his or her account
Thank you for using web mail
Warning Code :ID67565434
These unsolicited emails warn recipients that their webmail accounts will be closed if the account is not updated or re-validated within a specified time frame. Many of the messages instructs users to confirm their identity by replying to the email with the webmail account username and password and other personal information.
Beware of scam emails that attempt to trick you into sending your webmail account details to Internet criminals
Other versions instruct users to click a link and supply account login credentials
The messages is not from any official webmail "support team" or help desk as claimed. Nor will user accounts be closed if the requested information is not supplied. Instead, the messages are attempts by Internet criminals to fool unsuspecting webmail users into handing over their account details. Victims who comply with the instructions in the phishing scam emails will in fact be providing the scammers with the means to directly access their webmail accounts. Once armed with the victim's account details, the scammers can login to the webmail account, steal any personal information listed therein, and use the account for sending further spam or scam emails. The scammers can also harvest any email addresses included in the account's contact list and add them to spammer databases.
Scammers regularly use such ruses to trick recipients into compromising their webmail accounts. However, such scam emails are more commonly targeted at specific webmail providers such as Yahoo
. In this case, the scammers have apparently attempted to steal information from users of any
webmail service by sending out a generic message that does not name a particular service provider. The message implies that there is some central webmail administrator that oversees all webmail accounts. However, this is simply untrue. There are now thousands of different webmail providers both large and small. Each is independently operated and they are certainly not under the control of some central administrative entity. A legitimate webmail administration message will clearly identify the company that provides the service via company names, links or logos. Generic admin messages that do not identify the name of the service provider are unlikely to be genuine.
Moreover, your webmail provider is very unlikely to request your username and password via email. While some providers may close inactive accounts after a specified period, they will not demand that the user provide sensitive information via email or risk losing their account within a few days. Any unsolicited email that makes such a demand is likely to be fraudulent. You should treat as suspect any email that claims that you will lose your account if you do not provide private information via email or a website. Do not reply to such emails or click on any links that they may contain.
Yahoo Account Phishing Scam Email
Pages in this issue:
- Hoax - Texas Town Adds Sugar to Water Supply
- Hoax - Facebook Shutting Down on January 15, 2013
- Suncorp Bank '1 Unread Message' Phishing Scam
- US States Petition For Secession
- Survey Scam - Change Facebook to Black
- Missy, Dog Rescued From Colorado Mountain
- Adam Sandler is NOT Dead
- Monkey Orchid
- Dangerous Hoax - 'A Needle Can Save The Life of a Stroke Victim'
- Hoax - Oliver North Warned Congress About Osama Bin Laden in 1987
- Facebook Rogue App/Survey Scam - Free $100 McDonald's Gift Card
- USPS Malware Emails
- Rumors Regarding FEMA and Hurricane Sandy
- Australia Day Name Change Hoax Targets Prime Minister Gillard
- Webmail Account Phishing Scam
- Misinformation Regarding Straight Ticket Voting On 06 November 2012 US General Election
- December 2012 - 5 Saturdays, 5 Sundays and 5 Mondays
- Lil Wayne is NOT Dead
- More 2012 US Election Dissatisfaction: California's Prop 37