
'Your Password Has Been Changed' Email Scam

Fraudsters are sending out lure emails that pose as notifications from an email service as part of a phishing tactic. These emails contain fabricated messages designed to convince users to click a provided button, which takes them to a dedicated phishing portal disguised as a legitimate login page.

Recipients will notice that the subject line of the fraudulent emails contains the words 'Password changed.' The email itself prominently displays a message similar to 'Your password has been changed.' The con artists claim that the account password was changed at the user's own request. Recipients are then given two options to proceed: keep the current, unknown password, or contact the provided support page for more information. Whether users click the link to the support page or the 'Keep Current Password' button, they are taken to the same destination: a hoax website designed to appear as a legitimate page for Yahoo, Google, Bing, or another email service provider, depending on the user's email address. The phishing site asks users to provide their account credentials to access their email accounts. All information entered into the site is scraped and made available to the fraudsters.
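A defender-side check for the pattern described above, added here as an example and not part of the original write-up: it flags a message whose subject matches, whose differently labelled links all lead to one host, and whose link host is not a known login host for the recipient's provider. The `PROVIDER_HOSTS` allow-list, the finding names and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allow-list: real login hosts per recipient mail domain (illustrative).
PROVIDER_HOSTS = {
    "yahoo.com": {"login.yahoo.com", "mail.yahoo.com"},
    "gmail.com": {"accounts.google.com", "mail.google.com"},
}
# Constructed sample body; example.net is a placeholder host.
SAMPLE_HTML = """<p>Your password has been changed.</p>
<a href="https://mail-portal.example.net/login">Keep Current Password</a>
<a href="https://mail-portal.example.net/login">contact support</a>"""

class LinkCollector(HTMLParser):
    """Collect (visible label, href) pairs for every <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((" ".join("".join(self._text).split()), self._href))
            self._href = None

def assess(subject, html_body, recipient):
    """Return findings for a message that matches the lure pattern."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    if "password" in subject.lower() and "changed" in subject.lower():
        findings.append("subject-password-changed")
    labels = {label.lower() for label, _ in parser.links}
    hosts = {urlsplit(href).hostname for _, href in parser.links} - {None}
    # Differently labelled calls to action that all lead to one host.
    if len(labels) > 1 and len(hosts) == 1:
        findings.append("all-links-same-host")
    # Any link host outside the recipient provider's known login hosts.
    allowed = PROVIDER_HOSTS.get(recipient.rsplit("@", 1)[-1].lower(), set())
    if hosts - allowed:
        findings.append("link-host-not-provider")
    return findings
```

Each finding on its own is weak evidence; the combination of all three is what matches the lure described here.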

Victims of the scheme risk losing control over their email accounts and having various sensitive information compromised. The con artists could also use the misappropriated accounts to spread more spam messages, distribute malware threats, conduct various frauds, etc. They could also try to expand their reach by accessing any of the victim's other accounts that reuse the already compromised credentials.

