With cybercriminals getting increasingly sophisticated, we are issuing a strong warning to our clients and readers about rising email fraud targeting users with urgent-sounding messages about their email accounts.
These emails, often designed to look like legitimate alerts, claim that an immediate action is required to “release pending email delivery.” However, this is a phishing attempt to lure users into clicking on a fraudulent link and entering their login details. Falling for this fraud can have serious consequences, allowing cybercriminals to access your email and potentially compromise your communications.
Here are some examples of what these fraudulent messages might look like (click arrows to change):
How the Scam Works
- The Bait Message: The scam email will warn users that their email requires “immediate validation” to release pending messages or prevent their inbox from “overloading.”
- Deceptive Link: It will contain a link or button labled “Re-validate” or “Release Emails,” which leads to a fake login page. Entering your credentials on this page grants scammers access to your email account
- Consequences of Falling for the Scam: If the scammer gains access to your email, they can set up filters and create Box Trapper rules. These rules allow the scammer to intercept legitimate client emails and send fraudulent messages, putting your reputation and client relationships at risk.
- Gain Further Access to Your Systems: If your email account is linked to other systems, such as online banking or cloud services, they can potentially use your email to reset passwords or access other sensitive information.
Legitimate Email Alerts from Our Server
Our server may sometimes send you legitimate messages regarding your email usage. For example, you may receive an official cPanel alert about your mailbox nearing its storage limit. Here’s what a legitimate cPanel email message will typically include:
- Two Links: Our genuine messages will contain a link to check your disk usage and a link to disable the warning message.
- Secure Domain Address: Our messages will always contain links that follow this format:
- These URLs will include your domain name and a port number (e.g., :2096 or :2083), ensuring you’re on the correct, secure page.
We as your service provider also receive copies of these messages from the server and will proactively reach out if we notice unusual activity.
Spotting the Differences: Real vs. Fake Messages
Cybercriminals are skilled at replicating legitimate emails, even using graphics and wording that resemble cPanel notifications. Here are some ways to distinguish between authentic server messages and phishing emails:
- Suspicious Web Address: Although the link in the message might appear legitimate at first glance, hovering over it may reveal a different, potentially dangerous web address. Scammers often use similar-looking domain names or slight misspellings to trick recipients.
- Do Not Click: Avoid clicking any links in suspicious messages. Instead, go directly to your email settings via your trusted browser bookmark.
- Contact Us: If you’re ever unsure about an email, contact us immediately. We can verify the legitimacy of the message for you.
- Regularly Update Passwords: Periodically updating your email password can add an extra layer of security.
Here is an example of a fraudulent cPanel message:
Staying Vigilant Against Email Scams
Email scams can have serious repercussions, from exposing sensitive information to enabling fraudulent financial activity. To protect yourself:
- Be cautious when emails prompt immediate action.
- Review web addresses carefully before clicking.
- Reach out to us if anything appears unusual or if you have questions about any email you receive.
By following these steps and remaining vigilant, you can help protect your information and avoid falling victim to online scams. Remember, we’re here to support you – never hesitate to reach out with any concerns.