According to this email, which may look like it was sent by your email service provider, you need to enable “2nd step security” on your email account.
Supposedly, the email is a security exercise to identify and delete dormant accounts on the server.
It warns that, if you do not click a button to enable security, your account will be marked as dormant and closed down.
However, the email is not a legitimate message from your service provider and
clicking the button will not enable any security measures on your account.
Instead, the email is a phishing scam designed to steal your email account login information. If you click the button, you will be taken to a fraudulent website and asked to log in with your email address and email account password.
After “logging in” on the fake site, you will see a message claiming that you have enabled the extra security measure and proven that your account is not dormant.
But, the criminals can now log in to your account and use it to launch further spam, scam, and malware attacks.
They can also access any services that are linked to the account, including online file storage and app stores. Thus, the criminals may be able to harvest information contained in your stored documents and apps and conduct fraudulent transactions via your app store account.
If they manage to collect enough of your personal information, they may be able to steal your identity.
Your service provider will never send you an email that demands that you immediately follow a link to update account details or implement a new security system.
Always login to your email account via a trusted app or program or by entering the address into your browser’s address bar rather than by clicking a link in an email.
An example of the scam message