'Web Access for the 2022 Version' Email Scam

The fraudsters are using bait emails to trick unsuspecting users into divulging their email account credentials. The 'Web Access for the 2022 Version' phishing campaign involves the dissemination of thousands of spam emails. These spam messages are designed to appear as if they are coming from the user's email service provider. Furthermore, they claim that all mailboxes must be updated to a new Web Access 2022 version. Failure to complete the update would supposedly result in the email account being deactivated.

The spam emails then direct users towards clicking the provided 'WEB ACCESS' hyperlink to supposedly enable the update. However, the link will open a dedicated phishing page posing as a login portal. It asks visitors to provide their email credentials (email address and password). All entered data will be extracted and sent to the fraudsters.

With access to the email account, the con artists can escalate their reach and compromise other user accounts for social media platforms, messaging applications and more. Depending on their particular goals, the fraudsters can try to spread malware payloads to the user's contact list, disseminate disinformation, or try to sell the acquired access to third parties, including various cybercrime groups.