A new phishing campaign spotted by BleepingComputer in the wild has been stealing the AOL credentials of users. The phishing email starts with a warning message saying the email account will be closed if the details are not updated and prompt them to log in to their AOL account, a phishing page collecting the credentials.
AOL Phishing Campaign Underway
AOL is something that most of us have forgotten. The several internet services of AOL were once used extensively, before the reign of Google and Yahoo. Out of all its services, the AOL search engine and the mailboxes are something that people are highly related to.
Though the presence of AOL declined now, many older adults from the โ90s and early 2000s are still using the AOL mailboxes and canโt easily move onto modern services like Google or Outlook. And this made them a target to fraudsters whoโre now running a campaign to steal such vulnerable AOL usersโ email credentials.
As reported by BleepingComputer, the ongoing campaign targets old AOL users, who cannot selectively differentiate between the genuine and spam emails and interact with them to fall prey. Stealing mailboxes of such users can help fraudsters steal funds if theyโre able to pull a scam from their banks via emails.
As noted, the phishing email has the subject as below,
โWe donโt want to say goodbye!โ
โWe noticed you havenโt updated your account information recently, and since your security is our top priority, we plan to close this account as soon as possible. Itโs going to take 3 days unless you act soon. Unless you verify this account, it will be closed in 72 hrs.โ
These types of fake warnings can trigger worry in unsuspicious users and force them to respond. This subject has a link at the end asking users to update their details. Clicking on it will take them to a poorly crafted phishing page that asks them to log in to their AOL accounts, thus stealing credentials when entered.
Thus, staying away from such emails or better reporting them as spam can help. If youโve fallen victim to such phishing campaigns, itโs recommended to log into your concerned account and change the credentials immediately. Also, change the credentials on other online accounts if theyโre being used elsewhere.