Email services providers offer a lot of storage space for their customers, but some individuals might still be displeased. Cybercriminals are relying on this in their latest campaign in which they offer highly-tempting storage plans for free.
Experts from Symantec have come across such schemes in which the fraudsters promise extra storage space for email, pictures and documents.
The trick is that they make the offers on behalf of a reputable company, which automatically means that users who want to accept the deal have to sign in to their accounts. Of course, the login page is not the legitimate one, but a replica controlled by the cybercrooks.
So once users log in on the phony page, they actually hand over their credentials to the ones that run the operation.
To avoid raising any suspicion, the fake sites are well designed and they display a notification which informs the potential victim that the “new plan” goes into effect only 24 hours later. In this 24-hour interval, the fraudsters have time to change the password, or they can simply use the account to launch a quick spam campaign.
If you come to realize that you have been tricked, the best thing to do is to quickly change your password.
To avoid ending up in such a situation, you must always be wary of the links you click on, especially if they’re received via unsolicited email. Also, the website on which you provide your username and credentials must always be hosted on the official domain and not something that appears to be similar.
For instance, if you want to sign in to your Gmail account, you must be on the gmail.com domain and not on one that looks something like gmail.phishing.com.