AOL users are the target of a new phishing campaign

Cyber criminals are targeting AOL users because they’re an older demographic and may find it too complicated to switch to newer services

Cyber criminals have subjected AOL users to a new phishing campaign designed to steal their login details and passwords.

Researchers believe the cyber criminals target AOL users because they’re an older demographic and may find it too complicated to switch to newer services, such as Gmail or Outlook.

According to Bleeping Computer, users have received an email with the subject line "Mail Box will close in 3 days log in to re-activate.” The email urged victims to log in and verify their accounts within 72 hours or risk account deactivation.

"We noticed you haven't updated your account information recently, and since your security is our top priority, we plan to close this account as soon as possible. It's going to take 3 days unless you act soon. Unless you verify this account, it will be closed in 72 hrs," warned the fake email.

The email linked to a phishing page with the AOL logo. Once the user submitted their details, the site redirected the user to another AOL login page.

Tim Helming, security evangelist at DomainTools, told IT Pro that phishers have realized a demographic that’s more susceptible to online scams uses AOL.

“This highlights the importance of raising awareness on scammers' techniques: the savvier the user, the less effective these tactics become. Users should always question a request to update account details when it is unsolicited. The only circumstance when this might be legitimate is when the provider has a reason to believe that the account is at risk of being compromised, but even in those instances, users are invited to double-check that the information provided in the email is true and to reset their details by visiting the official website by typing the URL in their browser, rather than following a link,” Helming said.

Helming added that email security is ultimately a matter of users exercising extreme caution and email service providers committing to filtering most malicious messages. 

“Only with a combination of technology and user awareness will this kind of scam become unprofitable and, consequently, less popular among criminals looking for easy gains,” Helming said.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
86% of organizations expect a cyber attack in the next 12 months
cyber attacks

86% of organizations expect a cyber attack in the next 12 months

3 Aug 2021
Chipotle’s marketing email hacked to send phishing emails
phishing

Chipotle’s marketing email hacked to send phishing emails

29 Jul 2021
Colonial Pipeline hack spurred copycat attacks on other oil and gas companies
hacking

Colonial Pipeline hack spurred copycat attacks on other oil and gas companies

29 Jul 2021

Most Popular

UK gov considers blocking Nvidia's takeover of Arm
Acquisition

UK gov considers blocking Nvidia's takeover of Arm

4 Aug 2021
RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Preparing for AI-enabled cyber attacks
Whitepaper

Preparing for AI-enabled cyber attacks

22 Jul 2021