Phishing techniques: Expired password/account - Security Boulevard

Phishing techniques: Expired password/account


Nowadays, a fair number of phishing attacks have been linked to expired password scams. This is a tactic used to steal identifying information and account access by luring users into entering their credentials in a webmail or webpage able to collect them. Every computer or mobile user of the internet can be a potential victim.

Best Reviews, a site that guides consumers on best products (including best password management apps) and services, points out that fake password reset emails are actually one of the oldest internet scams.

The scheme is actually effective as it bets on the fact that users are very often asked to update their passwords periodically; therefore, these requests can seem legitimate. There are, however, ways for users to recognize the scam and defend their system.

What does an expired password phishing scam look like?

Phishers sometimes craft emails that seem to be from a genuine service or website, requesting that users change their password as soon as possible before it expires. This tactic can scam unwary users.

The scheme is familiar. Phishers distribute a malicious link or attachment to extract login credentials and account info directly from the user so as to gain privileged access to secured data. The message is often urgent and pushes the target to act quickly.

Let’s see a few examples. The following (shared by Imperva) illustrates a common phishing scam attempt:

  • A spoofed email ostensibly from is mass-distributed to as many faculty members as possible
  • The email claims that the user’s password is about to expire. Instructions are given to go to to renew their password within 24 hours

Once the user clicks on the link, different actions can occur. For example:

  • The user is redirected to a page that looks like part of the myuniversity. (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Brecht. Read the original post at: