'Important Update from Mail Server Registrar' Email Scam

'Important Update from Mail Server Registrar' Email Scam Description

Infosec researchers uncovered a phishing scheme that aims to collect users' email credentials and thus give third parties unlawful access to their accounts. The operation consists of the dissemination of thousands upon thousands of lure emails, claiming to be an 'Important Update From Mail Server Registrar.'

The bait emails contain several false and misleading claims aimed at convincing users to click the link provided in the message. First, the fraudsters claim that several outgoing emails couldn't be delivered to their intended recipients. As a result, the user's account has supposedly been hit by a mail delivery suspension for both outgoing and incoming emails. To create further panic, the tricksters claim that this will be a permanent issue unless users follow the provided link by clicking the 'LOGIN TO RESOLVE NOW' button and then signing into their email account.

Unknown to the users, the link leads to a specially crafted phishing page made to resemble a legitimate log-in portal. Upon entering their email credentials (email address and password), the information will become available to the con artists. This could result in the victim losing access to any additional accounts registered to the compromised email.

As for the fraudsters, they can abuse the credentials to escalate their reach and spread disinformation, distribute corrupted payloads, or siphon funds out of any finance-related accounts. The collected information could also be offered for sale to third parties that may include cybercriminal groups.
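
A mail-triage check for the lure described above, as an added example that is not part of the original write-up: it flags the quoted subject line and the 'LOGIN TO RESOLVE NOW' button, and reports when that button's link points away from the recipient's mail domain. The sample message, its addresses and hosts, and the rule that a genuine login portal sits on the recipient's own domain are assumptions made for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Lure strings quoted in the scam description above.
SUBJECT_LURE = "important update from mail server registrar"
BUTTON_LURE = "login to resolve now"

# Constructed sample message; addresses and hosts are placeholders.
SAMPLE = """\
From: "Mail Server Registrar" <notice@mailer.invalid>
To: user@example.com
Subject: Important Update from Mail Server Registrar
Content-Type: text/html; charset="utf-8"

<a href="https://portal.phish.invalid/login"><b>LOGIN TO RESOLVE NOW</b></a>
"""

class AnchorCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.anchors, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            # Store (href, visible text with whitespace collapsed).
            self.anchors.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def triage(raw_message):
    """Return the indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    if SUBJECT_LURE in str(msg["Subject"] or "").lower():
        findings.append("subject-lure")
    to_domain = str(msg["To"] or "").rsplit("@", 1)[-1].strip("> ").lower()
    body = msg.get_body(preferencelist=("html",))
    parser = AnchorCollector()
    parser.feed(body.get_content() if body else "")
    for href, text in parser.anchors:
        if BUTTON_LURE in text.lower():
            host = (urlsplit(href).hostname or "").lower()
            # Assumption: the real login portal lives on the recipient's mail domain.
            off = host != to_domain and not host.endswith("." + to_domain)
            findings.append("button-lure" + (f":off-domain:{host}" if off else ""))
    return findings
```
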