Email Account Closing Scam
Email Service Provider Closing Account
Be on the lookout for phishing attacks. We recently have been receiving multiple phishing attacks from others attempting to send fraudulent emails as the email service provider in order to get you to click on the link.. Please use caution when using email as these types of tricks are meant to fool you into taking action. See a copy of the message below:
-----Original Message----- From: eoiservice.com Email Service Providers [mailto:admin@atayaapp.org] Sent: Wednesday, March 21, 2018 9:35 AM To: jdavid@eoiservice.com Subject: Service Removal Requested(20 Mar 2018) has initiated/ FINAL WARNING Deactivation Notice Dear jdavid@eoiservice.com Our record indicates that you recently made a request to deactivate your email account. This request will be processed shortly. However, if this request was made accidentally or you have no knowledge of it, you are advised to cancel the deactivation request now using the button below. Cancel Request <http://rb772l51.ngrok.iotc/xayntc/pbf.php></a>; Regards. Email Administrator ________________________________ This message is auto-generated from E-mail security server, and replies sent to this email cannot be delivered. This email is meant for: jdavid@eoiservice.com
How to stay safe?
A fake sender’s email address:
Fake emails may include a forged email address in the "From" field. This field is easily altered. If you don’t recognize the sender of an email, contact support to verify the authenticity of the email. If you view the details of the sender you will often see it is not from who it appears to be. Generic email addresses will be used to spoof people. A missing signature if it is a known contact should also be a red flag. admin@atayaapp.org should be a red flag.
Fake links:
As described above, avoid fake links by accessing your websites directly from the browser instead of clicking a link in an untrusted email. NEVER click a .php link if you don't know what it is for or expecting it. Always check where a link goes before you click on it. You can hover your mouse over the link to look at the URL in your browser or email status bar. A fraudulent link is dangerous and can:
- Direct you to a fake website that tries to collect your personal data.
- Cause you to download a virus that could disable your computer.
- Install spyware on your system. Spyware is an application that can enable a hacker to monitor your actions and steal any login IDs, passwords, or credit card numbers you type online.
Generic greetings:
Many fake emails begin with a generic greeting like “Dear Customer” or “Dear <insert email address>” If you do not see your name in the salutation, be suspicious and do not click on any links or attachments.
A false sense of urgency:
Many fake emails try to deceive you with the threat that something is in jeopardy if you don’t provide immediate updates. They may also state that your account is being closed, unauthorized transactions have occurred on your account or that they need to update your account information immediately.
Deceptive URLs:
Check the Web address. Just because the address looks OK, don't assume you're on a legitimate site. Look in your browser's URL bar for these signs that you may be on a phishing site:
- Incorrect company name. Often the web address of a phishing site looks correct but actually contains a common misspelling of the company name or a character or symbol before or after the company name. Look for tricks such as substituting the number "1" for the letter "l" in a Web address or transposing consecutive letters of the brand (for example, rea1estate.docusign.com instead of realestate.docusign.com or www.docusing.com instead of www.docusign.com).
- Browser warnings. Your browser has ways of detecting certain types of malicious sites. Always heed these browser warnings, especially when they notice that the site or certificate cannot be trusted. Using an updated web browser like Google Chrome will automatically detect these things.
Misspellings and bad grammar:
While no one is perfect, fake emails often contain misspellings, incorrect grammar, missing words, and gaps in logic. Mistakes like this help fraudsters avoid spam filters.
Unsafe sites:
The term "https" should always precede any website address where you enter personal information. The "s" stands for secure. If you don't see "https," you're not in a secure web session, and you should not enter personal data.