On this occasion, a brief addition to our previous Article about phishing mails using the example of a phishing method that is currently making waves:
Recently, there has been an increase in phishing emails purporting to come from large Internet providers such as Strato or 1und1, informing the addressee that their email inbox is full and that the storage space of their email account has been exhausted. As a result, the sending of e-mails is disrupted or no longer possible, so that immediate action is necessary. Of course, there is also a request to click on a link and log in to the linked page with their e-mail access data in order to solve the problem.
The creation of pressure to act combined with the request to disclose your own access data on a linked page are already two important and typical warning signals for phishing attempts in general. The other features mentioned in our general article can also help to uncover the dubious background of the messages in this case.
Never enter your e-mail access data on the linked website or any other unknown websitebecause you are giving unauthorized persons access to your mailbox so that they can send (mass) emails in your name, view your contacts and read your messages. It can be even worse if the login details provided can be used for other accounts than just the one mailbox, which is generally not a good idea (see -> Access data under control).
If you have disclosed your e-mail access data in response to such a phishing e-mail ...
... change immediately the access data for your mailbox. You may find that the senders of the phishing emails are the first to issue new access data, so that you can no longer log in with your own data. This problem arises in particular if the email access data can also be used to log into the account management of your web host. In this case contact your hoster immediatelyto rectify the problem.
... check whether mails have already been sent in your name, often initially to your contacts. Have you received any feedback or queries regarding suspicious messages from people on your contact list?
... inform your contacts so that they are prepared for any fraudulent messages from your address.
... check whether other accesses (hoster login, online shopping accounts, etc.) can be used with the captured access data, change the access data for these services immediately if necessary and check the corresponding accounts for suspicious transactions.
... in the event that damage has actually occurred, contact your hoster or providers of other affected services. If necessary, consider taking legal action and seeking legal advice.