Email purporting to be from the “Mail Administrator” claims that the user’s email account is pending deactivation and will be terminated within 24 hours if the user does not click a link to sign in and update the account.
The message is not from any genuine Mail Administrator and the claims of impending account deactivation are untrue. Instead, the email is a phishing scam designed to trick unwary users into giving their email account login details to cybercrooks.
Subject: Important News About Your Account (Closure)
From: Mail Administrator
Hello Account Holder,
Just a short note to inform you that our records indicate that your account is “Pending De-activation” we have previously contacted you requesting account update, however as no update, your e-mail account will now be temporarily suspended if you ignore to update your account within the next 24 hours, to avoid the termination of your e-mail service, kindly click on your Ticket ID below, sign on with your VALID e-mail and password in order to avoid service disruption
CLICK TO VERIFY
Notice Month: September 2013
Received from: Accounts and Administrator
Status: Pending De-activation
Ticket ID: FIQ-868119
Please note that the ticket will automatically be closed within 48 hours if no response is received from you and your account permanently de-activated.
Gao Lee Wu
Customer Experience Officer
This deceptively simple phishing email attempts to panic unwary users into sending their email account details to cybercriminals. The email, which purports to be from the Mail Administrator, claims that the user’s account is “pending de-activation” and will be terminated within 24 hours unless the user provides an account update. The user is instructed to click a link to begin the update and save his or her account from permanent deactivation.
Those panicked into clicking the link in the message will be taken to a generic webpage that asks them to login with their email address and email account password.
If users comply and provide their account details, they will be taken to a new page with the message “Congratulation! Your Account Has Been Lifted”.
Thus, believing that they have successfully saved their accounts from deactivation, users may go about their business with no inkling that they have just been scammed.
Unlike many other email phishing scams, this one does not target customers of a specific email provider. It deliberately does not mention the name of the email service provider that the message was supposedly sent by. In this way, the scammers can collect account data from users of any email system.
Once they have harvested the account details, the criminals can then hijack the real email accounts belonging to their victims and use them to launch various spam and scam campaigns.
Be cautious of any unsolicited email that claims that you must update your email account by clicking a link or opening an attachment. Such “account update” scam emails are a very common scammer ploy.