Btinternet Email Account Phishing Scam
Email targeting BT Yahoo (Btinternet) users claims that the recipient's account will be suspended if he or she does not reply with account login details within 72 hours (Full commentary below
False - Email is a scam designed to steal account information
(Submitted, September 2009)
Subject: *ACCOUNT VERIFICATION*
BT Yahoo logo removed
Dear Btinternet Account User,
We have temporarily limited all access to sensitive account features.
Due to the junk/spam emails you receive daily, we are currently upgrading
all email accounts spam filter to limit all unsolicited emails for security
reasons and to upgrade our new and improved E-mail account features and
enhancements, to ensure you do not experience service interruption.
Btinternet also will be shutting down all unused Accounts. You will have
to confirm your account by filling out your Login Information below after
clicking the reply button, or your account will be suspended within 72
hours for security reasons.
* User name:
* Date of Birth:
Your failure to provide your e-mail account login details will lead to a
temporary disabled of your e-mail account or we will immediately deactivate
your e-mail account from our database.
Thank you for using Btinternet.
Btinternet.com Technical Support Team
This email, which apparently targets users of BT Yahoo - BT Yahoo is the result of an ongoing partnership between UK telecommunications company BT and Internet giant Yahoo -, claims that the recipient's account will be suspended if he or she does not reply with account login details within 72 hours. According to the message, anti-spam and other account features are due to be upgraded and all unused accounts will be shut down thereby making it necessary for those who wish to keep their account active to provide their account details.
However, the message is not from BT Yahoo or any legitimate provider and the threat of account suspensions is a ruse designed to trick users into providing account login details to Internet criminals. If a recipient falls for the ruse and provides his or her account details as requested, the criminals responsible for the scam can then easily gain access to the account and change the password and other details thereby effectively locking out the legitimate account holder. The criminals are then free to use the compromised account for their own fraudulent purposes, steal personal information stored in the account and send messages to people listed in the account's contact list.
Often, scammers use such compromised accounts to launch further scam email campaigns such as the Friend Stranded in Foreign Country
scam. In this scam, criminals use a hacked email account to send out emails to friends of the account holder claiming that he or she is stranded in a foreign country and needs financial assistance. Since the message appears to come from a friend's email address and may include the friend's regular email signature and other personal references, some of those who receive the message may believe it to be legitimate and send funds as requested.
Scammers have used very similar tactics to target other account holders including generic Yahoo users
and webmail users
No legitimate email service provider is ever likely to request account login details or other sensitive personal information via email. Always ensure that you login to your account via the official login page. Do not click on links in unsolicited emails that ask you to login to your webmail account to update details. Some variants of the above scam trick users into providing their login and other details by directing victims to a bogus website that has been built to resemble the genuine webmail login page.
For more information about phishing scams in general, see:
Phishing Scams - Anti-Phishing Information
Friend Stranded in Foreign Country Scam Emails
Yahoo Account Phishing Scam Email
Webmail Account Phishing Scam
Last updated: 18th September 2009
First published: 18th September 2009
Write-up by Brett M. Christensen