Remove “Removal Of Dormant/Inactive Accounts” email

The “Removal Of Dormant/Inactive Accounts” email is part of a phishing campaign targeting users’ email account credentials. The email falsely informs the recipient that they must confirm that their account is still active by clicking the provided button. Otherwise, the email account will supposedly be deleted if it’s not confirmed. However, if users engage with the email, they will get the login credentials phished and the account potentially hijacked.

 

 

“Removal Of Dormant/Inactive Accounts” emails are part of a phishing campaign aimed at stealing users’ email login credentials. These types of emails are very common and easy to recognize. The email typically contains little text and doesn’t contain a lot of information, merely warning the recipient that their email account will be deleted unless they confirm that it’s still active. Supposedly, dormant/inactive accounts will be deleted. The email contains a “Confirm Here” button for users to supposedly confirm their accounts’ activities.

The email contains a button to supposedly confirm that the email account is active. When users click on this link, they will be directed to a phishing website that prompts them to enter their email addresses and passwords. Once they submit their login information, it will immediately be transferred to the cybercriminals operating this campaign.

Email account credentials are a hot commodity among cybercriminals for several reasons. First of all, they contain a lot of personal and sensitive information about users. Furthermore, email accounts are connected to many other accounts. Gaining access to an email account could result in other accounts being hijacked as well. This could lead to very serious consequences as users’ important accounts could be taken over. To prevent this from happening, users need to be very careful with their email login credentials. Becoming familiar with the signs of a potential malicious email is also important.

The full text from the “Removal Of Dormant/Inactive Accounts” email is below:

Subject: [-]: Please confirm to continue.

– ,
Here is a notification to confirm – is still active Begins removal of dormant/inactive accounts.

Please confirm immediately

Click ‘below to continue.

Confirm Here

How to recognize phishing emails?

Generic phishing email campaigns that target random users are usually very obvious and easily avoidable. Users whose email addresses have been leaked are likely to receive these generic phishing emails at least once. Fortunately, they are easily identifiable because they’re very low-effort. More sophisticated phishing emails are generally reserved for high-profile targets as they require more preparation. Generic, low-effort phishing emails are usually sent from random-looking email addresses, contain many grammar/spelling mistakes, and just generally look very unconvincing.

When users receive an unsolicited email from a service they seem to use and it asks them to click on a link or open an attachment, users need to be very careful and first inspect the email. The very first thing to check is the sender’s email address. Very low-effort emails will be sent from very random-looking email addresses, so they are immediately obvious. Even if an email address looks legitimate, users should at least do a quick search with Google to see whether the address belongs to the person or organization it claims to represent. Some malicious actors employ various tactics to make the addresses appear more credible. For instance, they might swap the letters “r” and “n” for “m” to closely mimic a legitimate address. They could also add extra letters.

Low-effort phishing emails, such as this “Removal Of Dormant/Inactive Accounts” email, tend to have a lot of grammar/spelling mistakes. This email doesn’t have a lot of text but there’s a lot of obvious mistakes. It does not look even remotely professional enough to be sent by an email service provider.

Another thing to take note of is how an email addresses the recipient. Users’ names are usually used in emails from legitimate companies if they use their services as this makes the email seem more personal. However, phishing and other malicious emails use generic words like User, Member, Customer, etc., when addressing recipients. This particular email uses the email handle when addressing the recipient, which is an immediate giveaway that it’s not a legitimate email as email service providers would use names.

When dealing with unsolicited emails, users should carefully inspect them and use logic to determine whether it’s even possible for them to receive such emails in the first place. For example, this “Removal Of Dormant/Inactive Accounts” email is very obviously fake if you take a second to consider its content. There’s never a need to confirm that an email address is still being used, regardless of the email service provider.

Finally, it’s advisable to avoid clicking on links in emails. If there’s a problem with your account, it’s better to log in directly rather than using a link in an email. For instance, if you get an email from Netflix regarding a payment failure, you should visit the site and resolve the issue directly instead of clicking on the link provided in an email.

Remove “Removal Of Dormant/Inactive Accounts” phishing email

The “Removal Of Dormant/Inactive Accounts” email is harmless as long as users don’t engage with it. Users can just remove the email from their inboxes. If users have engaged with the email and typed in their email login credentials, they need to change the password immediately if their accounts can still be accessed. If accounts can no longer be accessed, users need to contact their email service providers to see whether it’s possible to get the accounts back. If not, the email address should be disconnected from all associated accounts to avoid them being hijacked as well.