We had a phish reported today; it came in disguised as a warning about your Yahoo account (or YAH00 account as the scammer typed). It simulates the message that Yahoo, Google, and other service providers send you when you log in to your account from a computer you’ve never used before.

Yah00 Alert phishing scam

This is a classic phishing scam in so many ways:

  • Sense of urgency: The subject line warns that your email is being terminated, and the body says that someone tried to log in to your account from Syria. Don’t fall for the scam!
  • “You are required to verify your password.” How many times do we need to remind you that no reputable organization — certainly not Yahoo — will ever ask you to click a link in email to verify your password or other account information?
  • Non-standard capitalization: Why are “Attempt,” “Your,” and “Hours” capitalized in the middle of the opening sentence?
  • Vague sender and receiver: No name in the “To” field of the message? And just who is “Information Security network Team Inc” [sic]?
  • Why would someone with a udel.edu address be writing you about your Yahoo account?

The interesting part of this scam is the label on the second button: “Activate second sign-in” — whatever that means. We assume the scammer is trying to make you think that the second button will turn on what Yahoo calls two-step verification and what UD calls two-factor authentication (2FA).

Don’t click either button. Just delete this email scam.
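
Several of the indicators listed above can be checked mechanically when triaging reported mail. The Python below is an added example, not part of the original post: the sample message is constructed from the description above, and the brand-to-domain map, the `sender@udel.edu` local part, and the `indicators` function name are assumptions. It assumes a single-part plain-text message.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample built from the description in the post; not the real message.
SAMPLE = """\
From: Information Security network Team Inc <sender@udel.edu>
Subject: Your email is being terminated

Yah00 Alert: An Attempt was made to sign in to Your account from Syria.
You are required to verify your password within 24 Hours.
"""

BRANDS = {"yahoo": "yahoo.com", "google": "google.com"}  # assumed brand -> domain map
FOLD = str.maketrans("013", "ole")  # fold look-alike digits: 0->o, 1->l, 3->e
URGENCY = re.compile(r"terminat|suspend|within \d+ hours", re.I)
PASSWORD = re.compile(r"verify your password", re.I)

def indicators(raw):
    """Return the sorted list of phishing indicators found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    found = set()
    if not msg.get("To", "").strip():
        found.add("empty-to")            # vague receiver
    if URGENCY.search(text):
        found.add("urgency")             # threat of termination, deadline
    if PASSWORD.search(text):
        found.add("password-request")    # asks to verify credentials
    for word in re.findall(r"[A-Za-z0-9]+", text):
        brand = word.lower().translate(FOLD)
        if brand not in BRANDS:
            continue
        if brand != word.lower():
            found.add(f"lookalike-brand:{word}")       # digits standing in for letters
        domain = BRANDS[brand]
        if sender != domain and not sender.endswith("." + domain):
            found.add(f"sender-domain-mismatch:{sender}")
    return sorted(found)

if __name__ == "__main__":
    for hit in indicators(SAMPLE):
        print(hit)
```

These are triage heuristics only: a message that trips none of them is not thereby legitimate, and the code does not look at SPF, DKIM, or DMARC results.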