Password Phishing Scam
Home ScamsPhishing Scams AOL Deactivated Account Phishing Scam

AOL Deactivated Account Phishing Scam

by Brett M. Christensen

Outline

Email purporting to be from the AOL “Verification Team” claims that, due to several unsuccessful attempts to login, the recipient’s AOL account will be deactivated unless he or she clicks an “activation link” in the message.

Brief Analysis

The email is not from AOL. It is in fact a phishing scam designed to steal account login details from AOL users. If you receive this or a similar email, do not click any links or open any attachments that it may contain.

Example

Subject: AOL WARNING,,,

Dear Customer,

This E-mail been sent to you by the AOL Verification Team to inform you that your account will be deactivated within the next 24 hours due to several unsuccessful log in attempt on your account.

To prevent this from happening please log in securely to our activation link below:

[Link Removed]

For immediate access, please click here to validate your account:

if you have already confirmed your information then please disregard this message

Thank you for using AOL! Mail user.

Regards,
AOL! Account Services

 

Detailed Analysis

This email, which claims to be from the AOL Verification Team, warns recipients that their AOL account will be deactivated within 24 hours. According to the message, the account is to be deactivated because several unsuccessful attempts to login to the account have been detected. But, claims the message, the impending deactivation can be easily prevented by clicking an “activation link” contained in the email.

However, the message is not from AOL. In fact it is a typical phishing scam designed to trick AOL users into divulging their account login details to Internet criminals. Users who are taken in by the scam and click the activation link will be taken to a fake website created to closely resemble a genuine AOL login page. Although it looks like a real AOL webpage, the fraudulent site has no connection to AOL and is not hosted on an AOL server. After they have entered their account login details on the fake form, and clicked the “Sign In” button, victims will be automatically redirected to a genuine AOL website. Thus, they may believe that they have successfully avoided the supposed account deactivation and may not yet realize that they have become victims of a phishing scam.

Meanwhile, the criminals responsible for this phishing expedition can collect the login details submitted on the fake form and use them to login and hijack the AOL accounts of their victims. Once they have gained access in this way, the criminals can lock out the rightful account owners, steal any personal information stored in account files and use the account for launching further spam and scam campaigns. Often the criminals will use the account’s email address book to send scam emails posing as the account holder that try to trick recipients into sending them money. The emails, which will often include the account’s holder’s name and normal email signature, will falsely claim that the account holder has been robbed or been in an accident while visiting another country and therefore desperately needs a short term loan to get home. Because the emails appear to come from the account of a person that the recipients already know, at least a few may fall for the ruse and send money as requested.

The scammers may also used the compromised accounts to send spam or further phishing scam messages that cannot be traced back to them.

AOL has been many times targeted in such phishing attacks as have other major Internet Service Providers around the world. Be wary of any unsolicited email that claims that an online account you hold needs to be verified, updated or validated by following a link or opening an attached file. If you receive such an email, do not click on any links in the message. And, given that some such scam emails contain the bogus form in an attached file, do not open any attachments either. It is always safest to login to your online accounts by entering the account’s website address into your web browser address bar rather than by clicking an email link.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer