PHISHING – ‘Your Email Address Transmitting Viruses’

Outline

Email from ‘Admin’ claims that your email address has been transmitting viruses and your account will be deactivated if you do not click a link to ‘sanitize your email account’.

Brief Analysis

The email is not from any email administrator or service provider. It is a phishing scam designed to steal your account login details via a fake login form. If you click the link and login on the fake site, your email account may be hijacked by criminals and used for spam and scam campaigns.

Example

Detailed Analysis

According to this email, which claims – rather vaguely – to be from ‘Admin’, your email has been transmitting viruses to the sender’s servers. The email warns that your account will be deactivated permanently if you do not resolve the issue.

The message instructs you to ‘urgently’ click a link to run a scan and ‘sanitize your e-mail account’.
However, the claims in the message are lies designed to trick you into supplying your account login details to criminals.

Clicking the link takes you to a fraudulent webpage that includes a stolen Norton Antivirus logo and a login box (See screenshot below). The page instructs you to login with your email address and password to run a 30-second scan.

After ‘logging in’, a ‘Please wait – scanning’ message will be displayed for a few seconds. Finally, a ‘Scan Complete’ message will be shown. At this point, you may believe that the viruses have been removed and you have successfully resolved the issue.

Meanwhile, however, the criminals behind the scam can collect your login details and hijack your real email account.

They may use the hijacked account to launch further spam and scam campaigns in your name. Cybercriminals often use such virus warning notifications as a means of stealing account login details.

Be very wary of any unsolicited email that claims that you must click a link or open an attachment to deal with a virus infection or resolve an account issue.

Screenshot of the scam website: