Threat Database Phishing 'SYSTEM NOTIFICATION' Email Scam


The 'SYSTEM NOTIFICATION' email scam tries to trick users into divulging their email account credentials via decoy emails and a dedicated phishing portal. As such, cybersecurity experts have classified this operation as a phishing tactic. So far, two different variants of the lure email have been identified, but the differences between them are extremely minor.

The subjects of the disseminated emails could be a variation of 'Warning: [email address] Server and firewall security system upgrade' and 'System Notification.' These false notifications state that two emails have failed to be properly received by their email accounts and are now stuck on the email service provider's server. To create a sense of urgency, the lure emails claim that the two non-existent emails will be kept on the server for only 24 hours, after which they will be deleted automatically.

To gain access and see these supposedly important messages, the emails direct users into clicking the presented 'Receive Delayed Messages' button. Doing so will open a phishing portal masquerading as an email login page. Users will be asked to enter their account credentials. However, all information provided to the site will then become available to the fraudsters. The operators of the tactic could use the compromised email accounts to escalate their reach and take over any other accounts registered with the same email. These may include social media platforms, banking institutions or payment services. The con artists also may put together all of the collected information and offer it for sale on underground forums.


Most Viewed