Remove “New Web Browser Just Signed In” phishing email

The “New Web Browser Just Signed In” email is part of a phishing campaign that tries to steal users’ email login credentials. The email is disguised to look like a security alert from the email provider and informs that someone tried to log in to the account. The email asks whether the login attempt was from the email recipient and has three buttons that all lead to a phishing site that asks users to log in to their email accounts. If users fall for this phishing campaign, their passwords will be exposed and email accounts hijacked.

 

This “New Web Browser Just Signed In” email is part of a generic phishing campaign targeting email login credentials. Emails part of this phishing campaign explain that recipients’ email accounts may have been accessed by someone else. The email asks that users verify that the login attempt was made by them by clicking one of the provided buttons. The email contains “Yes”, “No”, and “I’m not sure” buttons that users are asked to click on. The email resembles the security alerts sent by email providers when users log in to their accounts from an unrecognized device.

The full text from the “New Web Browser Just Signed In” phishing email is below:

Subject: New Sign-in to your mailbox –

Hi – ,

A new web browser just signed in to your Webmail account -. To help keep your account secure, let us know if this is you.

Is this you?

When: –
What: Chrome on Windows

Yes No

I’m not sure

Learn more on how to protect your account .

Thanks,
– The Webmail Team

When users click one of the buttons provided in the email, they are redirected to a web page that resembles a legitimate email service provider. The site displays a login window. If they enter their passwords, this information is sent straight to the cybercriminals running the phishing campaign. These malicious actors may either use the stolen credentials for their own purposes or sell them to other cybercriminals.

Email login credentials are highly sought after by cybercriminals because not only do email accounts contain loads of personal information but they’re also connected to many other accounts. Gaining access to an email account allows cybercriminals to hijack other connected accounts as well.

How do you recognize phishing emails?

Phishing campaigns that target a large group of users with the same email are typically easy to spot because they are often vague and generic. These low-effort spam emails usually lack credible information and contain many errors. Emails that target specific individuals, on the other hand, tend to be more sophisticated and harder to recognize as malicious. Fortunately, most users encounter generic phishing emails.

If you receive an unsolicited email asking you to take some action (e.g. clicking a link or opening an attachment) the first thing you should do is verify the sender’s email address. Some malicious email addresses may look suspicious from the very beginning, making it easier to identify phishing attempts. However, malicious actors may employ techniques to disguise their email addresses, such as replacing letters or adding extra characters. If an email address looks legitimate, you should still look into it. You can do this by using a search engine to check whether the email address belongs to the person or organization it claims to represent.

An obvious sign of a phishing attempt is poor grammar and spelling. Such emails often contain numerous mistakes that are quite easy to spot. This particular “New Web Browser Just Signed In” phishing email does not have a lot of text so there are no obvious mistakes. However, this is quite rare as you can usually spot several immediately.

You should take the time to analyze emails carefully before taking any action, particularly if the email urges you to click on links or open attachments. In this particular case, you can go to your email account and check whether there are any logins from unknown devices. There is no need to click on the link.

“New Web Browser Just Signed In” phishing email removal

Simply delete “New Web Browser Just Signed In” email if it lands in your inbox. If you have already opened the email and entered your login details, be sure to change your password right away, assuming you still have access to your account. It’s also recommended to review your account activity for any signs of unauthorized access. If you’re unable to access your email account, contact your email service provider for assistance. Additionally, remember to unlink your email address from other accounts to prevent those accounts from being compromised as well.