The newest ploy by phishers circulating the Internet now is a “keep your current password” scam. The email (full text below) claims that your account expires today!!! and if you “kindly” use the button below, you can continue to use your current password. The reasons given for requiring this verification is to “shut down robot or malicious users”.
If you “kindly” click on the button, you will be asked to log in to your email account, at which point the phishers have your current password and proceed to use your account to send phishing and spam emails or try to access your other accounts where you might have reused that same password.
Here’s the full text (with example.com used as the domain):
Your account xxx@example.com password expires today 11/11/2019 6:26:44 a.m.
Please kindly use the button below to continue with the same password
Keep same password
NOTE : This is a one time user verification carried out in purpose to provide a more secured platform and shut down robot or malicious users created in purpose of spamming and other fraudulent activities .
Copyright © 2019 example.com security management
Notice the poor grammar and the use of “kindly” in the message, plus the very real fact that if your password is expired, that means it is time to CHANGE it, not reuse it.
If you receive an email like this, please simply report it using the “Report Email As Phishing” button or delete it.
If you have any questions, please email infosec@berry.edu or give me a call at x1750 (706-236-1750).
If you have already received an email like this and decided to “keep your password”, please immediately change your password, and email computing@berry.edu to report the incident.