Home ScamsPhishing Scams ‘Email Deactivation Warning’ Phishing Scam

‘Email Deactivation Warning’ Phishing Scam

by Brett M. Christensen


Email claiming to be from the Mail Administrator claims that the recipient’s email address has been queued for deactivation due to an account error. The message instructs the recipient to click a link to resolve the problem and avoid account deactivation. 

Brief Analysis

The message is not from any mail administrator and the claim that the recipient’s address is set to be deactivated is untrue. The message is an attempt by cybercriminals to trick users into handing over their email account login details.


Subject: Email Deactivation Warning

Dear [email address removed]

This is an automatic message from our servers; If you are receiving this message it means that your email address has been queued for deactivation. This was as a result of a continuous error received from this email address (code:505).

Please Click [Link Removed] to resolve this problem.

Note: Failure to resolve this problem by ignoring this message would result to the deactivation of your account.
We apologize for any inconvenience and appreciate your understanding.

Mail Administrator.


Detailed Analysis

This message, which purports to be from a “Mail Administrator”, warns recipients that their email address has been queued for deactivation due to a “continuous error” received from the account. The message instructs users to click a link in order to resolve the problem. But, warns the message, ignoring the instructions will result in the deactivation of the email account.

However, the email is not from any administrator nor are the email addresses set to be deactivated as claimed. In fact, the message is a phishing scam designed to trick users into divulging their account login details to online scammers. Those who fall for the ruse and click the link will be taken to a bogus email login page as depicted in the following screenshot:

Fake webmail login form

Users who comply with the request and enter their details will then be presented with the following message:

Your Information Has Been Submitted Successfully.

Note: Inputting Wrong Information will result to de-activation of your email address.

Click Here to correct your submitted information.

It is true that the information has been “submitted successfully’, at least from the point of view of the criminals operating the scam. In fact, the login information will be sent to these criminals and may subsequently be used to hijack the victim’s real email account. 
Once they have gained access to the compromised account, the criminals can lock out the legitimate owner. They can then use the account to send scam and spam emails that will look like they were sent by the legitimate owner.

Often, such hijacked accounts are used to send emails that falsely claim that the account owner is stranded in a foreign country or has suffered a serious mishap and is therefore in desperate need of money. Because these emails seemingly come from someone they actually know, at least a few recipients of these emails may fall for the ruse and send money as requested.

Many similar phishing scam emails have been distributed by criminals in recent years. Most versions target a specific email provider such as Hotmail, Yahoo, Gmail or Bigpond.

This version takes a more generic approach, apparently in an attempt to snare users of any email service. The warning message makes no attempt to identify which email service that it supposedly originates from. So regardless of which email provider they use, victims who fall for the trap and submit their details may find that their accounts are quickly hijacked.

No email provider is ever likely to send such a generic deactivation warning. Be cautious of any email claiming that there is a problem with your email account and you must click a link or open an attachment to resolve the problem or verify account details.

It is always safest to log in all of your online accounts by inputting their account address into your browser’s address field rather than by clicking a link in an email.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,