Email Phishing Scam
Home ScamsPhishing Scams PHISHING – ‘Your Email Address Transmitting Viruses’

PHISHING – ‘Your Email Address Transmitting Viruses’

by Brett M. Christensen

Outline

Email from ‘Admin’ claims that your email address has been transmitting viruses and your account will be deactivated if you do not click a link to ‘sanitize your email account’.

Brief Analysis

The email is not from any email administrator or service provider. It is a phishing scam designed to steal your account login details via a fake login form. If you click the link and login on the fake site, your email account may be hijacked by criminals and used for spam and scam campaigns.

Example

Subject: Take note [email address removed]: Your email address will be terminated now
Dear [email address removed]

Your email address (removed) has been transmitting viruses to our servers and will be deactivated permanently if not resolved.

You are urgently required to sanitize your email or your access to email services will be terminated

Click here now to scan and sanitize your e-mail account

Note that failure to sanitize your email account immediately will lead to permanent deactivation without warning.

We are very sorry for the inconveniences this might have caused you and we assure you that everything will return to normal as soon as you have done the needful.

Admin

 

Detailed Analysis

According to this email, which claims – rather vaguely – to be from ‘Admin’, your email has been transmitting viruses to the sender’s servers. The email warns that your account will be deactivated permanently if you do not resolve the issue.

The message instructs you to ‘urgently’ click a link to run a scan and ‘sanitize your e-mail account’.
However, the claims in the message are lies designed to trick you into supplying your account login details to criminals.

Clicking the link takes you to a fraudulent webpage that includes a stolen Norton Antivirus logo and a login box (See screenshot below). The page instructs you to login with your email address and password to run a 30-second scan.

After ‘logging in’, a ‘Please wait – scanning’ message will be displayed for a few seconds. Finally, a ‘Scan Complete’ message will be shown. At this point, you may believe that the viruses have been removed and you have successfully resolved the issue.

Meanwhile, however, the criminals behind the scam can collect your login details and hijack your real email account.

They may use the hijacked account to launch further spam and scam campaigns in your name. Cybercriminals often use such virus warning notifications as a means of stealing account login details.

Be very wary of any unsolicited email that claims that you must click a link or open an attachment to deal with a virus infection or resolve an account issue.

Screenshot of the scam website:

Fake Virus Warning Email



Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer