IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

AOL users are the target of a new phishing campaign

Cyber criminals are targeting AOL users because they’re an older demographic and may find it too complicated to switch to newer services

Cyber criminals have subjected AOL users to a new phishing campaign designed to steal their login details and passwords.

Researchers believe the cyber criminals target AOL users because they’re an older demographic and may find it too complicated to switch to newer services, such as Gmail or Outlook.

According to Bleeping Computer, users have received an email with the subject line "Mail Box will close in 3 days log in to re-activate.” The email urged victims to log in and verify their accounts within 72 hours or risk account deactivation.

"We noticed you haven't updated your account information recently, and since your security is our top priority, we plan to close this account as soon as possible. It's going to take 3 days unless you act soon. Unless you verify this account, it will be closed in 72 hrs," warned the fake email.

The email linked to a phishing page with the AOL logo. Once the user submitted their details, the site redirected the user to another AOL login page.

Tim Helming, security evangelist at DomainTools, told IT Pro that phishers have realized a demographic that’s more susceptible to online scams uses AOL.

“This highlights the importance of raising awareness on scammers' techniques: the savvier the user, the less effective these tactics become. Users should always question a request to update account details when it is unsolicited. The only circumstance when this might be legitimate is when the provider has a reason to believe that the account is at risk of being compromised, but even in those instances, users are invited to double-check that the information provided in the email is true and to reset their details by visiting the official website by typing the URL in their browser, rather than following a link,” Helming said.

Helming added that email security is ultimately a matter of users exercising extreme caution and email service providers committing to filtering most malicious messages. 

“Only with a combination of technology and user awareness will this kind of scam become unprofitable and, consequently, less popular among criminals looking for easy gains,” Helming said.

Featured Resources

Activation playbook: Deliver data that powers impactful, game-changing campaigns

Bringing together data and technology to drive better business outcomes

Free Download

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Free Download

Achieving resiliency with Everything-as-a-Service (XAAS)

Transforming the enterprise IT landscape

Free Download

What is contextual analytics?

Creating more customer value in HR software applications

Free Download

Recommended

The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The Total Economic Impact™ of Mimecast
Whitepaper

The Total Economic Impact™ of Mimecast

25 Apr 2022
The Total Economic Impact™ of Mimecast
Whitepaper

The Total Economic Impact™ of Mimecast

25 Apr 2022

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022