Take Note: Zoho - Review Your Outgoing Emails Scam

A Deceptive Email Masquerading as a Zoho Security Alert

The "Zoho - Review Your Outgoing Emails" scam is a fraudulent email campaign designed to trick recipients into handing over their personal login credentials. This scam disguises itself as an urgent notification from Zoho, claiming that certain outgoing emails have been blocked due to security concerns. The email includes a link that supposedly allows the recipient to review these messages, but in reality, it redirects them to a phishing page. And it has nothing to do with Zoho.

A False Sense of Urgency Manipulates Potential Victims

The fraudulent email not only warns the recipient about undelivered messages but also pressures them to act quickly by claiming that the provided link will expire within 48 hours. This tactic exploits users' fears of missing important communications, increasing the likelihood that they will follow the email's instructions without verifying its authenticity.

Here's what it says:

Subject: Secure Your Outgoing Emails

Hello,

Please review your outgoing emails at  m.zoho.com/secure/mail  through our new web secure system.

For security purposes some of your outgoing emails have been rejected and stopped from delivering. The link to Review your emails will expire in 48 hours.

Login On to Review Here»
For detailed instructions, take a look at our online help portal.

We'd love to hear your feedback. Reach us at support@zohomail.com with your suggestions or comments. Our priority is to make Zoho Mail the most reliable, efficient and fun to use email service.

Thanks for choosing Zoho Mail! We’re glad to have you with us!

- Zoho Mail Team

A Page Created to Steal Login Credentials

If the recipient clicks on the link labeled "Login On to Review Here," they are taken to a counterfeit Zoho login page. This page closely mimics the real Zoho sign-in interface and prompts users to enter their email addresses or mobile numbers along with their passwords. However, any credentials entered on this page are immediately sent to scammers.

What Cybercriminals Do With Stolen Credentials

Once scammers obtain login details, they can use them to access victims' Zoho accounts, as well as any associated email and social media profiles. This access enables them to steal sensitive information, such as financial details and identification documents, or to impersonate victims to defraud others. Additionally, stolen credentials can be sold on the dark web, facilitating further cybercrimes.

How Phishing Emails Exploit Human Psychology

Phishing emails commonly use fear-based tactics to pressure recipients into acting quickly. They often claim that an account is at risk, a payment has failed, or that an urgent security update is required. Scammers count on recipients reacting impulsively rather than scrutinizing the email for authenticity. Many phishing scams use links to fake websites that steal login credentials, while others may contain attachments that install harmful software.

Other Examples of Similar Phishing Scams

Cybercriminals frequently impersonate well-known companies to carry out phishing campaigns. Similar scams include emails pretending to be from SSL certificate providers warning about expired validation, Dropbox messages urging users to improve productivity, and fake service updates claiming changes to terms and conditions. These scams share a common goal: to steal login credentials or trick users into downloading unwanted software.

The Role of Malicious Links and Attachments

While some phishing scams rely solely on deceptive websites, others distribute threats through malicious attachments. These attachments might be disguised as PDFs, spreadsheets, or compressed files. In some cases, they require the user to enable macros or run an executable file, which then installs harmful software. Clicking on suspicious links can also lead users to compromised websites that automatically download unwanted software onto their devices.

How to Stay Safe From Phishing Scams

To avoid phishing scams, exercise caution when dealing with unexpected emails, especially those requesting personal information or login credentials. Never click on links or open attachments from unknown senders. Instead, verify the authenticity of emails by contacting the company directly through official channels. Keeping software up to date and using reliable security tools can also provide additional protection against fraudulent activities.

Final Thoughts

The "Zoho - Review Your Outgoing Emails" scam is just one of many phishing attempts targeting unsuspecting users. By staying informed about the tactics used in these scams and practicing safe browsing habits, individuals can better protect themselves from cybercriminals. Always be wary of urgent email requests and double-check the legitimacy of any communication before taking action.

By Willa
January 15, 2025
Phishing, Scam
English
January 15, 2025
Phishing, Scam

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

5 years ago

What is the OperaGXSetup.exe File and is it Malicious?

11 months ago

Eporner.com And Why Its Excessive Pop-Ups Are Risky

11 days ago

HackTool:Win32/Crack: a Malicious Threat That Can Seriously...

7 months ago

Take Note: Someone Added You As Their Recovery Email Scam

10 months ago

A Potentially Serious Threat: Trojan:Win32/Suschil!rfn

18 days ago

Related Posts

Scam

Beware of the Malicious “You Have Blocked Emails Created” Scam

The "You Have Blocked Emails Created" scam is a type of phishing attack that exploits the trust relationship between email recipients and their email service providers. It involves sending emails to unsuspecting... Read more

December 20, 2022
Scam

Beware of the Unapproved Emails Scam

The Unapproved Emails Scam is a phishing tactic designed to deceive recipients into divulging personal information. These scam emails are often disguised as notifications from reputable email service providers. A... Read more

May 24, 2024
Scam

'Review These Messages' Email Scam

After scrutinizing the email titled "Review These Messages," it has been determined to be spam. The fraudulent message falsely asserts that the recipient must verify their account to access pending emails. It is... Read more

November 15, 2023
English
Loading...

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2025 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.