Remove “Review Important Messages” email

The “Review Important Messages” email is part of a phishing campaign that targets users’ email account login credentials. The email claims that users have important unread emails, which can be viewed by clicking on the “Review Messages” button. If users click on the button, they will be redirected to a phishing website that asks users to log in to their email accounts. The site is a phishing site so if users type in their credentials, they will be stolen by malicious actors.

 

 

This phishing email is disguised to look like a notification email from your email service provider. It informs you that some of your unread emails are being held for you to review within 36 hours. As far as phishing emails go, this one is quite generic. It’s not very convincing either, as email providers do not send such emails to customers. The email has a “Review Messages” button, which if clicked will take users to a phishing site.

The email includes a “Review Messages” button to supposedly review the unopened emails. However, clicking this button redirects them to a phishing site that claims their session has expired and prompts them to log in to their email account. The phishing site is not a particularly convincing imitation of Google’s login page but it might trick users not familiar with phishing sites. If users type in their email credentials, they will be immediately transferred to the cybercriminals operating this phishing campaign. This stolen login information can be used to take over accounts or sold to other cybercriminals on dark web forums.

There are many reasons why email credentials are very sought after by malicious actors. First of all, email accounts hold a lot of users’ personal information. If someone has the same email account for years, it will have loads of sensitive data on it. What’s more, email accounts are usually linked to many other accounts. Therefore, if cybercriminals can gain access to someone’s email account, they can access various connected accounts.

The full text from the “Review Important Messages” phishing email is below:

Subject: Active Pending Notification

Review important messages

Some messages are being held for you to review as of 1/7/2025 3:25:10 a.m.
Review them within 36 hours of the received date

Release most priority message below

Recipient ********
Subject Active Pending ******** Past Overdues

Date 1/7/2025 3:25:10 a.m.

Review Messages

©️ 2025 ********. All rights reserved.

How to spot a phishing attempt

Phishing emails can often be easily identified if they target many users. Sophisticated phishing emails are usually reserved for specific targets as they require more effort. Fortunately for the vast majority of users, they likely won’t be targeted by personalized attacks. If they learn the signs of a phishing email, they should be able to identify them quite easily. Signs include grammar/spelling mistakes, random-looking sender email addresses, generic greetings, etc.

All unsolicited emails with an attachment or a link need to be carefully checked. The first step is to check the sender’s email address. If the address seems odd or random, the email is more than likely either spam or malicious. However, some phishing emails may come from addresses that seem more credible. Cybercriminals often use clever tactics to disguise their email addresses, such as substituting similar-looking characters (for example, using “rn” instead of “m” or adding extra letters). Thus, it’s important to check the email address carefully, even if the email appears to be from a familiar sender. In the case of the “Review Important Messages” email, the sender’s address is clearly fake.

Another clear indication of a phishing email is poor grammar and spelling. If you receive an email claiming to be from a legitimate company and it is riddled with errors, it’s likely a malicious or spam email.

If an unsolicited email includes a link prompting you to log in to your account, do not click on it. If you hover your mouse over the link, you will see what site the link will take you to. In the case of the “Review Important Messages” email, the link directs you to a clear fake Google login page. The page does look similar to Google’s login page but it’s not an identical copy. Even if it were a flawless copy, the URL would still give away a phishing attempt. Checking the URL is a good way to avoid becoming a victim of a phishing attack. Always double-check the URL before logging in, and it’s generally safer to access your accounts directly by entering the website address in your browser instead of clicking links or buttons in emails.

Remove “Review Important Messages” phishing email

You can safely remove “Review Important Messages” email from your inbox if you get it. Do not interact with it, click on any links, or attempt to log in. If you’ve already fallen for this phishing attack, change your email password immediately. Additionally, consider activating two-factor authentication to enhance your account’s security. If you’re unable to access your account, ensure you unlink the email from all related accounts.