'Webmail Manager' Email Scam

Con artists are trying to obtain the email account credentials of users via a dedicated phishing portal. The scheme is propagated through lure emails presented as if being sent by the user's webmail service provider. The fake messages are designed to pressure recipients into clicking a provided button or link that will unknowingly take them to the phishing page.

In this particular scheme, the lure emails claim that users are about to have their email accounts suspended. To prevent the loss of the account, users are told that they must restore their domain server by pressing the 'Server Request' button to reset the DNS. To appear more legitimate, the messages contain details, such as the Sever IMAP address (POP3).

However, following the provided instructions will lead the recipients of the emails to a phishing page disguised as a login portal. The site will ask for an email address and its associated password to be provided. All entered information will become compromised because the fraudsters will now have access to it. Users could then lose their emails or any other accounts that use these credentials. The consequences could become even more serious if these people package the collected information and try to sell it to third parties, potentially including cybercriminal organizations.