Lawrence Abrams of BeepingComputer warns of an ongoing phishing campaign targeting users of AOL mail. The attackers try to steal users’ login names and passwords by scaring recipients of the imminent account closure.
Lawrence Abrams, the creator and owner of BleepingComputer.com, says he was contacted by his two older family members who received an email with an email subject reading “Mail Box will close in 3 days log in to re-activate.”
“We noticed you haven’t updated your account information recently, and since your security is our top priority, we plan to close this account as soon as possible. It’s going to take 3 days unless you act soon. Unless you verify this account, it will be closed in 72 hrs,” warned the email.
Like many other older internet users, his relatives weren’t ready to say good-bye to AOL, as they’d been using it for some 25 years. They forwarded the email to Mr. Abrams asking for advice.
Once the user clicks on the provided link, they will be taken to a login page that resembles that of AOL.
The form sends the entered credentials to the attackers, and the user is redirected to the standard AOL login page.
As Lawrence taught his family members how to recognize phishing scams, these two relatives did not fall victims to the scam.
Unfortunately, many people may not have received the same education and will likely enter their AOL login information, Mr. Abrams notes in a blog post detailing the find.
He advises everyone who didn’t recognize the scam and mistakenly entered their login information to immediately log in to AOL and change their passwords.
“If the site doesn’t accept your password, it’s possible the attackers already gained control over your account. In that situation, you should contact AOL support,” warns Mr. Abrams.