Cybercriminals Are Phishing For Login Credentials of AOL Users
Fraudsters aiming to steal login credentials from AOL users are sending phishing emails that threaten recipients with account closures unless they confirm their email addresses and passwords.
The AOL phishing campaign was noticed on February 23, according to Bitdefender Antispam Lab.
Like previous email-based phishing campaigns, cybercriminals use scare tactics and subject lines ranging from “account shutdown” and”final warning” notifications.
In some versions of the scams, the threat actor provides a 24-hour window for users to verify their account credentials or risk becoming unable to receive or send emails.
Although most of the emails lack sophistication, some AOL users may still be tempted to access the fraudulent links and unwittingly give their passwords to cybercriminals.
“The password to your email is expiring today,” one of the fake emails reads. “You are required to use below to re-confirm password otherwise access to your mailbox will be denied.”
In a different version, fraudsters warn users that they have exceeded their Inbox storage and urge them to upgrade their accounts free of charge.
How to protect against phishing emails
One of the first steps when dealing with phishing attacks is to analyze the sender’s email address and the corresponding message. Phishing emails often create a sense of urgency, based on the widespread belief that most users tend to delay or postpone particular tasks – updating and verifying account credentials and passwords.
As a rule of thumb, be cautious of all communications labeled as urgent that ask you to “act now” or lose access to your account.
Do yourself a favor and head to the official website and check for news or updates, and never access the link provided in the email.
If you’re suspicious or know that you’ve entered your login credentials onto a suspicious website or link, try to reset your account password. If locked out from your account, contact the service provider for assistance and immediately change any account passwords that shared the same login credentials.
You can also check if your personal info has been stolen or made public on the internet, with Bitdefender”s Digital Identity Protection tool.
Note: This article is based on technical information provided courtesy of Bitdefender Antispam Lab.
The Holiday Guide to Tech Support: Fixing the Family Computer
November 24, 2021
Bitdefender Celebrates 20 Years of Cybersecurity Leadership
November 04, 2021
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords
October 26, 2021
What are drive-by download attacks and how do you prevent them?
October 25, 2021
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks
October 22, 2021
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals
October 20, 2021