Threat Database Phishing 'Suspension Notice' Scam

'Suspension Notice' Scam

Cybersecurity experts have identified a phishing campaign aiming to collect the users' email account credentials. The attack is propagated via spam emails claiming that the user's email account has been flagged for suspension. The name of the fake email contains the recipient's account followed by 'Verification is Required.'

Once the email is opened, users will be presented with an official-looking notification, posing as communication from the Support Center of the specific email provider. The text of the message will claim that the account will be suspended, due to a terms and conditions violation. Apparently, the only way for the user to keep their email and avoid losing access is to verify it by following the conveniently provided 'Verify Account' button.

As is the case with most phishing schemes, clicking on the button found in the email will take the unsuspecting user to a specially-crafted website. The phishing portal will appear visually similar to the victim's email service provider. The page will pose a sign-in portal and will ask users to provide their email account credentials. In reality, all entered data will be scraped and made available to fraudsters.

Using the compromised credentials, these people can assume control over the user's email and then proceed to exploit it, as part of various fraudulent activities - spreading misinformation or malware threats, messaging the victim's contacts and asking them for money or simply selling the account to any interested third party.


Most Viewed