Email purporting to be from the “IT Support System” claims that your version of mailbox is being discontinued and you must therefore click a link to upgrade to the new version. It warns that your email will no longer work if you do not upgrade as requested.
The email is not from any legitimate IT support system and you do not need to click a link to upgrade your email account. The message is a phishing scam designed to steal your email address and password so that your email account can be hijacked by criminals and used to launch further spam, scam, and malware campaigns.
Subject: PRIORITY: Newest Upgrade
It’s time to upgrade! Your version of Mailbox is currently being discontinued, and will
no longer work as of November 6th, 2016.
Get the newest version CLICK HERE and complete the procedure to ensure your Mailbox account is upgraded\active.
IT Support System
According to this email, which purports to be from your “IT Support System”, the current version of your mailbox is set to be discontinued and must therefore be upgraded. It warns that your email will stop working within a few days if you do not click a link to upgrade as requested.
However, the email is not from any legitimate IT support system and has no connection to your email service provider. The claim that you must click a link to upgrade you mailbox is a lie.
In fact, the email is just one in a long series of phishing scam messages that are designed to trick you into giving your email account login credentials to Internet criminals.
If you click the link, you will be taken to a bogus “Admin Sever Portal webpage (see Screenshot below) and asked to supply your email address, along with your email account username and password. If you input your details and click the “Submit” button, you will be taken to a second page that informs you that you will be contacted again shortly.
Meanwhile, the criminals can collect the information you provided and use it to hijack your email account. Once they have gained access to your account, they can use it to send out spam, scam, and malware messages in your name.
Moreover, depending on what service provider you use, the login credentials may also give the criminals access to other connected services such as cloud storage and online stores. Thus, the criminals may be able to access and steal personal files and conduct fraudulent transactions via your account.
Legitimate email and Internet service providers are very unlikely to send you an unsolicited email that demands that you click a link to upgrade a system, fix an account problem, or update account details. If you receive such an email, do not click any links or open any attachments that it contains.
It is always safest to login to all of your online accounts by entering the address into your browser’s address bar or via a trusted app.
Last updated: November 2, 2016
First published: November 2, 2016
By Brett M. Christensen