Threat Database Phishing Password Verification Email Scam

Password Verification Email Scam

Fraudsters are using lure emails to try and obtain the email login credentials of unsuspecting computer users. This phishing tactic, the 'Password Verification' email scam is presented as an urgent warning that the user's email account is going to be deactivated due to its password expiring at a certain date. The con artists will try to convince their victims that the only way to keep the email account and continue using the current password is by reconfirming it by following the link provided in the lure message.

Of course, none of the claims found inside the misleading emails are true. They are simply designed to scare users into clicking on the 'Click to reconfirm >>' button. This will take the victim to a dedicated phishing portal disguised as a login page. However, all account credentials and other information entered into the page will be scraped and made available to the operators of the scheme.

The exact consequences for the users whose email accounts were compromised would depend on the particular goals of the people handling the scheme. They may use the access to the email to extend their reach to other connected accounts, such as those for social media platforms or messaging applications. These people could then spread misinformation, run additional tactics or spread harmful malware threats. Alternatively, they could package all of the collected data and offer it for sale to any interested third parties.


Most Viewed