Phishers are now offering fake storage upgrades. Symanted reported: "Customers of popular email service providers have been a common target for phishers for identity theft purposes. Phishers are constantly devising new phishing bait strategies in the hope of stealing user email adresses and passwords. In April 2012, Symantec observed phishing pages that mimicked popular email services in an attempt to dupe users with attractive storage plans.
Customers were flooded with fake offers of free additional storage space for services such as email, online photo albums, and documents. In the first example, the phishing site was titled Welcome to New [BRAND NAME] Quota Verification Page. According to the bogus offer, the additional storage plan ranged from 20 GB to 1 TB per year, at no extra cost. The phishing page boasted that the free additional storage plan will help customers prevent loss of data and the inability to send and receive emails due to exhausted storage space. It also stated that the plan will auto-renew each year and the customer can choose to cancel at any time by returning to the same page." This is getting pretty sophisticated.
Here is the Symantec blog post with examples of the phishing emails:
Your users really need KnowBe4 Internet Security Awareness Training to make sure they do not fall for criminal tricks like this.
Customers were flooded with fake offers of free additional storage space for services such as email, online photo albums, and documents. In the first example, the phishing site was titled Welcome to New [BRAND NAME] Quota Verification Page. According to the bogus offer, the additional storage plan ranged from 20 GB to 1 TB per year, at no extra cost. The phishing page boasted that the free additional storage plan will help customers prevent loss of data and the inability to send and receive emails due to exhausted storage space. It also stated that the plan will auto-renew each year and the customer can choose to cancel at any time by returning to the same page." This is getting pretty sophisticated.
Here is the Symantec blog post with examples of the phishing emails:
Your users really need KnowBe4 Internet Security Awareness Training to make sure they do not fall for criminal tricks like this.