Avoid this FAKE ‘email password expired’ warning

Australians have been cautioned against any emails in their inbox claiming that the recipient’s email password is expiring.

Falling for this kind of fraudulent ‘password expiring’ email could see the victim’s sensitive information and private data exploited for criminal activity, email security software platform MailGuard has warned.


In a recent blog post, MailGuard said it had intercepted a new phishing email doing the rounds that was using “social engineering tactics” to trick people.

“Scammers are targeting victims with an email titled, ‘Warning: Your email password has expired’. Recipients of this email are advised to be cautious before clicking on any links,” it said.

The email claims that the recipient must “verify before [they] can continue to use the current password”, with a blue hyperlinked button urging users to click to “keep the same password”.

'Warning: Your email password has expired' scam email screenshot
(Source: MailGuard)

Clicking on the button takes the user to the following page that asks for their email address and password.

'Sign in to continue' fake password expired scam page
(Source: MailGuard)

After keying in their private information, users’ details are then stolen and stored by the cyber criminals, with the following screen stating “Completing email update”.

“Scammers harvest these credentials under the guise of the ‘updating’ notification displayed in the green text box,” MailGuard said.

Completing email update scam window
(Source: MailGuard)

How to avoid falling for this scam

There are a few tell-tale signs that the email is a scam – if you know how to look for them. For one thing, the email does not address the user by name.

Secondly, the email is poorly and unprofessionally designed, with no explanation of why the user’s email password may need to be “verified”.

The large red font should also be a dead giveaway that the email is fake.

And finally, the page that requests the user’s email and password is a very generic stock image of a laptop, a cup of coffee, and a notebook on a wooden-look table – and even has “www.DesktopBackground.org” URL in the bottom right-hand corner.

“MailGuard urges all recipients of this email to delete it immediately without clicking on any links,” the email security software platform stated.

“Providing your personal details can result in your sensitive information being used for criminal activity.”

Several government authorities and agencies, including the ACCC, the police, banks and telco giants have ramped up warnings against scams as Australians lose a record amount of money to scammers.


Article from: au.finance.yahoo.com