Home ScamsPhishing Scams Fake Server Message Tries to Steal Email Account Login

Fake Server Message Tries to Steal Email Account Login

by Brett M. Christensen

According to this supposed server message, you are required to add a recovery number to keep your email account safe. 

The “Security Alert” email warns that your account will be deactivated if you do not click a button and add your recovery number.

However, the email is not from your email service provider.  Instead, it is a phishing scam that attempts to trick you into giving criminals access to your email account.

If you click the button in the email, you will be taken to a fraudulent website that asks you to sign in with your email address and password. It may then ask you to provide other information such as your phone number and home address details. At the end of the process, you’ll be told that you have successfully secured your account.

But, meanwhile, online criminals can collect the information you supplied and use it to hijack your email account.

Once they have gained access to your account, they can use it to launch spam, scam, and malware campaigns in your name. They will also be able to access other services such as online storage and app stores that may be linked to the account.

The criminals may harvest more personal information from the linked services and add it to the information they collected during the scam. They may subsequently use this information to attempt to steal your identity. 

Legitimate email service providers may sometimes send you security alert messages if they detect a login from a new device or suspect unauthorised access attempts.

And, they may prompt you to add a recovery number to help secure your account.

However, genuine emails will always include the name and logo of the service provider.  They will not be generic, unbranded messages like the one below.

And, genuine emails will not threaten that your account will be deactivated if you do not immediately click a link and provide information.

It is always safest to login to your email accounts by entering the address into your browser’s address bar or via a trusted app rather than by clicking a link in an email.

An example of the scam email:

Security Alert Server Message Scam Email


Since you’ve read this far…

…can I ask you for a big favour?

To enhance your privacy and security and offer you a better user experience, Hoax-Slayer is now ad-free. To keep the site online, I now rely on voluntary contributions from site visitors along with commissions from a few trusted products and services that I promote via reviews on the site.

If you found the above report useful, please consider supporting Hoax-Slayer by making a donation. Any amount you can give will be greatly appreciated.

You can donate using your credit card via the form below. Donations are collected securely via the online payment service Stripe. Stripe uses state of the art security to keep your data safe.

Brett Christensen