Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

AOL Deactivated Account Phishing Scam

Email purporting to be from the AOL "Verification Team" claims that, due to several unsuccessful attempts to login, the recipient's AOL account will be deactivated unless he or she clicks an "activation link" in the message.

Brief Analysis
The email is not from AOL. It is in fact a phishing scam designed to steal account login details from AOL users. If you receive this or a similar email, do not click any links or open any attachments that it may contain.

Bookmark and Share
Detailed analysis and references below example.

Last updated: July 25, 2012
First published: July 25, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Subject: AOL WARNING,,,

Dear Customer,

This E-mail been sent to you by the AOL Verification Team to inform you that your account will be deactivated within the next 24 hours due to several unsuccessful log in attempt on your account.

To prevent this from happening please log in securely to our activation link below:

[Link Removed]

For immediate access, please click here to validate your account:

if you have already confirmed your information then please disregard this message

Thank you for using AOL! Mail user.

AOL! Account Services

Detailed Analysis
This email, which claims to be from the AOL Verification Team, warns recipients that their AOL account will be deactivated within 24 hours. According to the message, the account is to be deactivated because several unsuccessful attempts to login to the account have been detected. But, claims the message, the impending deactivation can be easily prevented by clicking an "activation link" contained in the email.

However, the message is not from AOL. In fact it is a typical phishing scam designed to trick AOL users into divulging their account login details to Internet criminals. Users who are taken in by the scam and click the activation link will be taken to a fake website created to closely resemble a genuine AOL login page. Although it looks like a real AOL webpage, the fraudulent site has no connection to AOL and is not hosted on an AOL server. After they have entered their account login details on the fake form, and clicked the "Sign In" button, victims will be automatically redirected to a genuine AOL website. Thus, they may believe that they have successfully avoided the supposed account deactivation and may not yet realize that they have become victims of a phishing scam.

Meanwhile, the criminals responsible for this phishing expedition can collect the login details submitted on the fake form and use them to login and hijack the AOL accounts of their victims. Once they have gained access in this way, the criminals can lock out the rightful account owners, steal any personal information stored in account files and use the account for launching further spam and scam campaigns. Often the criminals will use the account's email address book to send scam emails posing as the account holder that try to trick recipients into sending them money. The emails, which will often include the account's holder's name and normal email signature, will falsely claim that the account holder has been robbed or been in an accident while visiting another country and therefore desperately needs a short term loan to get home. Because the emails appear to come from the account of a person that the recipients already know, at least a few may fall for the ruse and send money as requested.

The scammers may also used the compromised accounts to send spam or further phishing scam messages that cannot be traced back to them.

AOL has been many times targeted in such phishing attacks as have other major Internet Service Providers around the world. Be wary of any unsolicited email that claims that an online account you hold needs to be verified, updated or validated by following a link or opening an attached file. If you receive such an email, do not click on any links in the message. And, given that some such scam emails contain the bogus form in an attached file, do not open any attachments either. It is always safest to login to your online accounts by entering the account's website address into your web browser address bar rather than by clicking an email link.

Bookmark and Share


typical phishing scam
falsely claim that the account holder has been robbed
many times targeted
phishing attacks

Last updated: July 25, 2012
First published: July 25, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer