Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Issue 162 - September, 2013 (2nd Edition) - Page 16

'Email Account Pending Deactivation' Phishing Scam

Issue 162 Start Menu

Previous Article            Next Article

Outline
Email purporting to be from the "Mail Administrator" claims that the user's email account is pending deactivation and will be terminated within 24 hours if the user does not click a link to sign in and update the account.

Cat fishing

© Depositphotos.com/ Lars Christensen



Brief Analysis
The message is not from any genuine Mail Administrator and the claims of impending account deactivation are untrue. Instead, the email is a phishing scam designed to trick unwary users into giving their email account login details to cybercrooks.

Bookmark and Share
Example

Subject: Important News About Your Account (Closure)
From: Mail Administrator

Hello Account Holder,

Just a short note to inform you that our records indicate that your account is "Pending De-activation" we have previously contacted you requesting account update, however as no update, your e-mail account will now be temporarily suspended if you ignore to update your account within the next 24 hours, to avoid the termination of your e-mail service, kindly click on your Ticket ID below, sign on with your VALID e-mail and password in order to avoid service disruption

CLICK TO VERIFY
 
Notice Month:            September 2013
Received from:          Accounts and Administrator
Status:            Pending De-activation
Ticket ID:        FIQ-868119

Please note that the ticket will automatically be closed within 48 hours if no response is received from you and your account permanently de-activated.

Kind regards,

Gao Lee Wu

Customer Experience Officer

Example


Detailed Analysis
This deceptively simple phishing email attempts to panic unwary users into sending their email account details to cybercriminals.  The email, which purports to be from the Mail Administrator, claims that the user's account is "pending de-activation" and will be terminated within 24 hours unless the user provides an account update. The user is instructed to click a link to begin the update and save his or her account from permanent deactivation.

Those panicked into clicking the link in the message will be taken to a generic webpage that asks them to login with their email address and email account password:

 
Account
If users comply and provide their account details, they will be taken to a new page with the message "Congratulation! Your Account Has Been Lifted".

Thus, believing that they have successfully saved their accounts from deactivation, users may go about their business with no inkling that they have just been scammed.

Unlike many other email phishing scams, this one does not target customers of a specific email provider. It deliberately does not mention the name of the email service provider that the message was supposedly sent by. In this way, the scammers can collect account data from users of any email system.

Once they have harvested the account details, the criminals can then hijack the real email accounts belonging to their victims and use them to launch various spam and scam campaigns

Be cautious of any unsolicited email that claims that you must update your email account by clicking a link or opening an attachment. Such "account update" scam emails are a very common scammer ploy.

Bookmark and Share

Last updated: September 6, 2013
First published: September 6, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Gmail 'Update Account' Phishing Scam
Friend Stranded in Foreign Country Scam Emails



Previous Article            Next Article

Issue 162 Start Menu

Pages in this issue:
  1. Unlucky Frog LADEE Rocket Launch Photograph
  2. Reshipping Fraud - Parcel Mule Scams
  3. 'Apple Account Frozen' Phishing Scam
  4. Warnings Claim Facebook Is Deleting Pet Profiles
  5. CASE NOW SOLVED - Message Asks For Help to Identify Man Killed By Train in Melbourne
  6. HM Revenue & Customs Refund of Overpayments Phishing Scam
  7. 'Special Education Week' and 'Autism and ADHD Awareness Month' Messages
  8. Apple iPhone 5c Giveaway Like-Farming Scam
  9. Fake Companies House Emails Contain Malware
  10. Mysterious Carved Tree Hoax
  11. Land Registry Debit Notification Malware Emails
  12. Jennifer's Story - Dating and Money Laundering Scam
  13. Obama Muslim Stamp - USPS Muslim Holiday Stamp Release Protest Message
  14. Pickup Truck Bus Crash Texting Warning Message
  15. No, Facebook Is NOT Removing Veteran Amputee Images
  16. 'Email Account Pending Deactivation' Phishing Scam
  17. NatWest 'Bonus Reward' Phishing Scam
  18. No, Radiation from Fukushima has NOT Killed Hundreds of Whales
  19. Google Support 'Message Blocked' Pharmacy Spam Email
  20. Russian Sleep Experiment Story
  21. Carnival Cruise Free Vacation Packages Survey Scam
  22. Angelina Jolie is Not Dead - Fake Death Message Points to Rogue App and Survey Scam
  23. Bogus LinkedIn Invites Open Drug Store Spam Sites
  24. Kitten Giveaway Scam
  25. Miley Cyrus is NOT Dead - Miley Cyrus Suicide Facebook Scam
  26. Bogus Warning - 'Russian Booksellers Looking For Children'
  27. Dave and Angela Dawes Advance Fee Lottery Scams
  28. Gang Initiation Warning Hoax - Infant Car Seat Left On Roadside
  29. Dueling Banjos Hoax
  30. Football Star Joe Montana is NOT Dead
  31. 'I Am Meth' Poem