Webmail phishing was first reported earlier this year, but it has gained a higher profile in recent times. The call to action or general purpose of this attack is to obtain webmail credentials such as passwords and contact list email addresses. A number of different scenarios have been employed by webmail phishers to try and secure this information and have included:Scenario 1
“We write to bring to your notice that we will be caring out some temporary maintenance on our service due to congestion in all email accounts and we are afraid that during this process email accounts of our customers will be deactivated; but just to avoid your email account from been deactivated and to enable your records remain in our database we advice you provide us with the below information or your email account will be suspended within 48 hours for security reasons.” (sic)
“Due to spam complaints of email users in our [Name Removed] webmail system, our investigation shows that your email address is compromised and is used to send out spam message in our [Name Removed] webmail system. As a result, your Username will be disabled if you do not send us the required information within 24hrs.” (sic)