IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
Outline Email purporting to be from "IT Service Desk" claims that, due to a scheduled maintenance & upgrade, the user must reply with his or her email username and password to avoid service disruptions.
The email is not from any IT service desk. In fact, the message is a phishing scam designed to trick users into divulging their email login details to Internet criminals.
Your account is in the process of being upgraded to a newset of Windows-based servers and an enhanced online email interface inline with internet infrastructure Maintenance. The new servers will provide better anti-spam and anti-virus functions, along withh IMAP Support for mobile devices that Support IMAP to enhance your usage.
To ensure that your account is not intermittently disrupted but active during and after this upgrade, you are required to kindly confirm your account by stating the details below:
* User name:
This will prompt the upgarde of your account.
Failure to acknowledge receipt of this notification, might result to a temporal deactivation of your account from IT Service Desk database.
Your account shall remain active upon your confirmation of your login details.
IT Service Desk apologize for any inconvenience caused.
IT Service Desk
Copyright 2011, All Rights Reserved.
According to this email, which purports to be from "IT Service Desk", the user's email account is undergoing a scheduled maintenance & upgrade that will result in a new and enhanced email service. The message warns that, in order to avoid possible disruptions or even a "temporal deactivation" of the account, the user must confirm account details by emailing his or her username and password.
However, the email is certainly not from "IT Service Desk" or any legitimate email service provider's support team. In fact, the message is a phishing scam designed to trick unwary users into submitting their account login details to cybercriminals. If a recipient falls for the ruse and replies with his or her email username and password, the criminals responsible for the scam will be able to use these stolen credentials to access his or her email account. Once they have gained access, the criminals can then change the password to lock out the legitimate account holder and use the account to send spam email and launch further scam campaigns.
There have been a number of similar scam campaigns in the last several years. Many such attempts target users of a specific email service provider such as Hotmail, Yahoo, Gmail or Bigpond. This version of the scam takes a more generic approach. The message does not name a specific provider which means that the scammers can effectively target customers of a range of service providers. If recipients reply, the scammers can ascertain which service provider they are using by examining their email address. Then, armed with the victim's login details, they can go to the provider's website and login at will.
The message tries to make its claims sound more believable by including technical sounding jargon that supposedly explains why recipients are required to provide their login details. While more computer savvy users may not fall for such a transparent ruse, less experienced users may be considerably more vulnerable.
No legitimate service provider will ever ask you to send your login details via email. Some versions of the scam use a similar cover story but entice potential victims into providing their details on a bogus website or via an attached HTML form. If you receive a message that makes such a request, do not reply. Do not follow any links or open any attachments that the email may contain.