Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

'Numerous Spams Activities from a Foreign IP' Webmail Phishing Scam

Email claims that the recipient's email account has been reported for sending spam and that he or she must follow a link and confirm account ownership or the account will be suspended.

Brief Analysis
The message is a phishing scam designed to trick recipients into divulging their email account login details to cybercriminals. If you receive such an email, do not follow any links or open any attachments that it may contain. Do not reply to the message or provide any information to the senders.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 24th August 2011
First published: 24th August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

From: Webmail Report Subject: Important Notice (Do Not Ignore)

Your email account has been reported for numerous spams Activities from a foreign ip recently. As a result, Webmail has received advice to suspend your account.

However, you might not be the one promoting this Spam,as your email account might have been compromised.
To protect your account from sending spam mails, You are to confirm your true ownership of this account by Click here to Login and confirm in one simple step.

On receipt of the requested information,the Webmail support shall block your account from Spam.

Failure to do this will violate the Webmail email terms & conditions. This will render your account inactive.
NOTE: You will be send a password reset message In next seven (7) working days after undergoing this process for Security reasons.

Copyright 2011 - Webmail - All Rights Reserved.

Detailed Analysis
According to this message, the recipient's email account has been reported for "numerous spams activities" originating from a foreign IP and "Webmail" has therefore been advised to suspend the account. Supposedly in order to avoid this threatened suspension, the recipient is instructed to click a link in the message and supply information to confirm true ownership of the account. The recipient is warned that failing to supply the requested information will result in the account being rendered inactive.

However, the message is certainly not from "Webmail" or any other online email provider. In fact, the message represents an attempt by cybercriminals to steal email login credentials from recipients. Those who follow the link as instructed will be taken to a bogus website where they will be asked to provide their email address and password. The details supplied will be collected by criminals and used to hijack the victims' real web based email accounts and subsequently use them to send spam or perpetrate further scams such as the Friend Stranded in Foreign Country Scam.

Such emails are a common ruse that has been used in various incarnations by online criminals for several years. Some versions, including this one, purport to be from a generic "Webmail" provider, presumably in an attempt to pull in victims who use a range of different online email providers. Other versions specifically target users of common email service providers including, Hotmail, Gmail, Yahoo and Bigpond. Many variants of the scam ask the victim to simply reply to the email with his or her username and password rather than follow a link and provide the details on a bogus webform.

Be wary of any email that asks you to provide your email login credentials. Your email service provider already has this information and is never likely to ask you to supply it via an unsolicited email. If you receive one of these emails, do not click any links in the message. Do not open any attachments that may come with the message and do not reply.

Bookmark and Share References
Friend Stranded in Foreign Country Scam>
Webmail Account Phishing Scam
Hotmail Account Closure Phishing Scam
Gmail Account Phishing Scam
Yahoo Account Phishing Scam Email
Bigpond Database Upgrade Phishing Scam

Last updated: 24th August 2011
First published: 24th August 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer