Home Archive Webmail Account Phishing Scam

Webmail Account Phishing Scam

by Brett M. Christensen

Outline:
Emails claim that recipients must confirm or re-validate their account by clicking a link or opening an attachment and providing username and password details or their webmail account will be permanently closed.


Brief Analysis:
The emails are phishing scams designed to trick users into submitting their email account login details to cybercriminals.

Example:

From: Webmail Technical Support Team.
Subject: TECHNICAL SUPPORT

THIS MESSAGE IS FROM OUR TECHNICAL SUPPORT TEAM:

This message is sent automatically by our web mail team. If you are receiving this message it means that your email address is about to be deactivated; this was as a result of a continuous error script code: 505 receiving from this email address and too many of spam emails in your Account. You are kindly please advised to respond to this e-mail within the next 48 Hours with the necessary information below to keep your account active. All entries to be forwarded directly to Maintenance/Upgrade Team.

First Name:_________________
Last Name:________________
Phone:________________
Username:_________
Password: ______________
Re-Confirm Password:_______
Any Other Web mail Address:___________
Password/Applicable:__________________
Account Deactivation: ____________ (specify yes to deactivate. No to keep
active)

IMPORTANT NOTICE: Please your information is safe and secure with us.

WARNING: Failure to reset your email by ignoring this message or in putting Wrong information will result to deactivation of this email address. Sincerely,

Webmail Technical Support Team.
Copyright © 2012 Web mail Account Service. All rights reserved

From Email Helpdesk Centre
Subject: Dear Subscriber

Dear User;

We are updating our database and e-mail accounts. To this effect, deleting all unused E-mail account and create more space for new accounts. To ensure that you do not experience service disruption during this period, you need to provide the following details as stated in the link below;

To re-validated your account, click the link below or copy paste on your web browser
[Link Removed]

Warning!!! Account owner that refuses to update his or her account before two weeks of receiving this warning may lose his or her account permanently.

Thank you for using our mail system System Administrator.

Subject: Dear Webmail Subscriber Confirm Your Account.

From: “WEB SUPPORT TEAM”

Dear Webmail Account Owner,

This message is from web mail admin messaging center to all web mail account owners. We are currently upgrading our data base and e-mail account center. We are canceling unused web mail email account to create more space for new accounts.

To prevent your account from closing you will have to update it below so that we will know it’s status as a currently used account.

CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username : ………….
Email Password : …………….
Date of Birth : ……………..

Warning!!! Any account owner that refuses to update his or her account within Three days of this update notification will lose his or her account permanently.

Thank you for using web mail
Support Team
Warning Code :ID67565434



Detailed Analysis:
These unsolicited emails warn recipients that their webmail accounts will be closed if the account is not updated or re-validated within a specified time frame. Many of the messages instructs users to confirm their identity by replying to the email with the webmail account username and password and other personal information.
Nor will user accounts be closed if the requested information is not supplied. Instead, the messages are attempts by Internet criminals to fool unsuspecting webmail users into handing over their account details. Victims who comply with the instructions in the phishing scam emails will in fact be providing the scammers with the means to directly access their webmail accounts. Once armed with the victim’s account details, the scammers can login to the webmail account, steal any personal information listed therein, and use the account for sending further spam or scam emails. The scammers can also harvest any email addresses included in the account’s contact list and add them to spammer databases.Other versions instruct users to click a link and supply account login credentials

The messages is not from any official webmail “support team” or help desk as claimed.
Scammers regularly use such ruses to trick recipients into compromising their webmail accounts. However, such scam emails are more commonly targeted at specific webmail providers such as Yahoo. In this case, the scammers have apparently attempted to steal information from users of any webmail service by sending out a generic message that does not name a particular service provider. The message implies that there is some central webmail administrator that oversees all webmail accounts. However, this is simply untrue. There are now thousands of different webmail providers both large and small. Each is independently operated and they are certainly not under the control of some central administrative entity. A legitimate webmail administration message will clearly identify the company that provides the service via company names, links or logos. Generic admin messages that do not identify the name of the service provider are unlikely to be genuine.

Moreover, your webmail provider is very unlikely to request your username and password via email. While some providers may close inactive accounts after a specified period, they will not demand that the user provide sensitive information via email or risk losing their account within a few days. Any unsolicited email that makes such a demand is likely to be fraudulent. You should treat as suspect any email that claims that you will lose your account if you do not provide private information via email or a website. Do not reply to such emails or click on any links that they may contain.


First published: August 27, 2008
By Brett M. Christensen
About Hoax-Slayer

References
Yahoo Account Phishing Scam Email

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer