AOL users are the target of a new phishing campaign
Cyber criminals are targeting AOL users because they’re an older demographic and may find it too complicated to switch to newer services
Cyber criminals have subjected AOL users to a new phishing campaign designed to steal their login details and passwords.
Researchers believe the cyber criminals target AOL users because they’re an older demographic and may find it too complicated to switch to newer services, such as Gmail or Outlook.
According to Bleeping Computer, users have received an email with the subject line "Mail Box will close in 3 days log in to re-activate.” The email urged victims to log in and verify their accounts within 72 hours or risk account deactivation.
"We noticed you haven't updated your account information recently, and since your security is our top priority, we plan to close this account as soon as possible. It's going to take 3 days unless you act soon. Unless you verify this account, it will be closed in 72 hrs," warned the fake email.
The email linked to a phishing page with the AOL logo. Once the user submitted their details, the site redirected the user to another AOL login page.
Tim Helming, security evangelist at DomainTools, told IT Pro that phishers have realized a demographic that’s more susceptible to online scams uses AOL.
“This highlights the importance of raising awareness on scammers' techniques: the savvier the user, the less effective these tactics become. Users should always question a request to update account details when it is unsolicited. The only circumstance when this might be legitimate is when the provider has a reason to believe that the account is at risk of being compromised, but even in those instances, users are invited to double-check that the information provided in the email is true and to reset their details by visiting the official website by typing the URL in their browser, rather than following a link,” Helming said.
Helming added that email security is ultimately a matter of users exercising extreme caution and email service providers committing to filtering most malicious messages.
“Only with a combination of technology and user awareness will this kind of scam become unprofitable and, consequently, less popular among criminals looking for easy gains,” Helming said.
Preparing for AI-enabled cyber attacks
MIT technology review insightsDownload now
Cloud storage performance analysis
Storage performance and value of the IONOS cloud Compute EngineDownload now
The Forrester Wave: Top security analytics platforms
The 11 providers that matter most and how they stack upDownload now
Harness data to reinvent your organisation
Build a data strategy for the next wave of cloud innovationDownload now