According to this email, which purports to be from your account’s “Email Protection System”, there are messages pending delivery on your email portal.
The email includes a date a few days prior when the pending messages were supposedly first sent.
A table in the email gives details about the messages. The email instructs you to click on the linked subjects in the table to view the messages.
It is signed by “Web Admin” at “Webhosting(c) 2019 Secured Service” and includes a Redmond, WA address. The Redmond address is perhaps intended to imply a connection to Microsoft, which has its US corporate headquarters based in that location. To increase the likely hood that you may panic and click without due caution, one of the subject lines of the supposedly pending messages refers to an outstanding payment for a large sum of money.
Clicking any of the links in the email opens a fraudulent website that asks you to enter your email address and email password. The criminals can collect these details and use them to take control of your email account as well as other linked services such as app stores and online storage.
After they have gained entry to your account, they can use it to send spam, scam, and malware emails in your name. If they can access the account’s linked services as well, they can make app store purchases, read and download your stored files, and harvest more of your personal information.
Using the account and the information they have collected, they can pretend to be you online and perhaps even steal your identity. They may also be able to hijack other online accounts you own by using the reset password option, which often uses a password change email sent to your account.
Email account phishing scams like this one are very common. Be wary of any email that claims that there are messages that have not been delivered or that there is an issue with your account that you need to rectify. If you receive such a message, do not click any links or open any attachments that it contains.
Instead, access your email account’s admin area via a trusted app or by entering the address into your browser’s address bar. If there really is a problem with your account, you will most likely be informed via an internal message after you log in.
A screenshot of the scam email:
