Outline
Email from ‘Admin’ claims that your email address has been transmitting viruses and your account will be deactivated if you do not click a link to ‘sanitize your email account’.
Brief Analysis
The email is not from any email administrator or service provider. It is a phishing scam designed to steal your account login details via a fake login form. If you click the link and login on the fake site, your email account may be hijacked by criminals and used for spam and scam campaigns.
Example
Subject: Take note [email address removed]: Your email address will be terminated now
Dear [email address removed]
Your email address (removed) has been transmitting viruses to our servers and will be deactivated permanently if not resolved.
You are urgently required to sanitize your email or your access to email services will be terminated
Click here now to scan and sanitize your e-mail account
Note that failure to sanitize your email account immediately will lead to permanent deactivation without warning.
We are very sorry for the inconveniences this might have caused you and we assure you that everything will return to normal as soon as you have done the needful.
Admin
Detailed Analysis
According to this email, which claims – rather vaguely – to be from ‘Admin’, your email has been transmitting viruses to the sender’s servers. The email warns that your account will be deactivated permanently if you do not resolve the issue.
The message instructs you to ‘urgently’ click a link to run a scan and ‘sanitize your e-mail account’.
However, the claims in the message are lies designed to trick you into supplying your account login details to criminals.
Clicking the link takes you to a fraudulent webpage that includes a stolen Norton Antivirus logo and a login box (See screenshot below). The page instructs you to login with your email address and password to run a 30-second scan.
After ‘logging in’, a ‘Please wait – scanning’ message will be displayed for a few seconds. Finally, a ‘Scan Complete’ message will be shown. At this point, you may believe that the viruses have been removed and you have successfully resolved the issue.
Meanwhile, however, the criminals behind the scam can collect your login details and hijack your real email account.
They may use the hijacked account to launch further spam and scam campaigns in your name. Cybercriminals often use such virus warning notifications as a means of stealing account login details.
Be very wary of any unsolicited email that claims that you must click a link or open an attachment to deal with a virus infection or resolve an account issue.
Screenshot of the scam website:
