Beware of Phishing Emails Telling You That Your Mailbox Settings Have Changed

Posted by Denise Griffitts on Oct 19, 2009 in Internet Mastery | 0 comments

This morning I opened my email client to view a flurry of phishing emails similar to this one:

From: customersupport @ yourofficeontheweb.com [mailto:customersupport @ yourofficeontheweb.com]

Sent: Monday, October 19, 2009 12:02 PM

To: mail @ yourofficeontheweb.com

Subject: The settings for the mail @ yourofficeontheweb.com were changed

Dear user of the yourofficeontheweb.com mailing service! We are informing you that because of the security upgrade of the mailing service your mailbox (mail @ yourofficeontheweb.com) settings were changed. In order to apply the new set of settings click on the following link:

I have removed the link so it doesn’t get clicked on accidentally but can tell you that there is a very long URL that they are asking me to click on.

Best regards, yourofficeontheweb.com Technical Support.

A different email for another address looked like it was a newsletter type of thing and informed me that my default setting for my mailbox had changed and I needed to download and execute a new settings file for my mailbox.

DO NOT click on anything in these emails. If you are in any kind of doubt about your email settings contact your web developer or hosting company but exercise extreme caution with these types of emails.

You can also report phishing to US-CERT who is collecting phishing email messages and web site locations so that they can help people avoid becoming victims of phishing scams.

Methods of Reporting Phishing Email to US-CERT

In Outlook Express, you can create a new message and drag and drop the phishing email into the new message. Address the message to phishing-report@us-cert.gov and send it.

In Outlook Express you can also open the email message and select File > Properties > Details. The email headers will appear. You can copy these as you normally copy text and include it in a new message to phishing-report@us-cert.gov.

If you cannot forward the email message, at a minimum, please send the URL of the phishing web site. If the suspicious mail in question includes a file attachment, it is safer to simply highlight the message and forward it. Some configurations, especially in Windows environments, may allow the execution of arbitrary code upon opening and viewing a malicious email message.

This information courtesy of US-Cert.com

**You have permission to reprint in your publication or to your website/blog any articles by Denise Griffitts found on this Website as long as Denise Griffitt’s name and contact information is included. Denise Griffitts, Virtual Assistance Industry Expert, http://denisegriffitts.com, info @ virtualassistantindustry.com, 888-719-6711.