'SYSTEM NOTIFICATION' Email Scam

'SYSTEM NOTIFICATION' email scam is the name assigned to a currently active malicious email spam campaign.

The emails are engineered to look like messages from a mail server that failed to deliver messages to the victim's inbox. The subject lines are tailored to create a sense of urgency as well, with some variation of "Warning: Server and firewall security system upgrade" or "System notification". While those attempts may seem half-hearted, similar messages have proven to be very effective in spurring the victim to act in the past.

A smattering of similar words are used in the email variants, all intended to get the user to act right away, such as "important", "warning", "urgent" and "now".

The full text of one variation of the scam emails reads as follows:

SYSTEM

NOTIFICATION

You have 2 unreceived emails that are stuck on the [redacted] server.

Server will automatically delete the emails within 24 hours from 5/7/2022 9:04:39 p.m. .

This was due to a system error. Rectify below now

Below this text is a large colorful "Receive Delayed Messages" button, which is the lure that triggers the scam. When clicked, the button opens a new tab that contains a phishing site and a form designed to steal victim login credentials. The malicious page is skinned and designed to resemble a legitimate email login portal.

Staying away from unsolicited emails from senders you don't recognize and never clicking any links or opening attached files in such emails is the best way to steer clear of phishing scams like this one.

May 11, 2022