Fake WiperSoft mailbox verification email tries to phish users’ login credentials
A new phishing email campaign is currently going around claiming that you need to change your password, and it’s disguised as an email from WiperSoft. The email is merely a scam trying to trick users into revealing their login credentials, and is in no way associated with the anti-virus program WiperSoft.
The email claiming to be from WiperSoft
Phishing emails are nothing new, and new campaigns emerge on a regular basis. This time, cyber criminals are sending out emails claiming that your password is about to expire soon and needs to be changed. To make them seem more legitimate, malicious actors disguise these emails as correspondence from legitimate companies. In this case, the email is made to look like it comes from WiperSoft. The anti-virus program WiperSoft has nothing to do with this phishing campaign, and its name is misused to trick users. The purpose of such emails is to phish login credentials (usernames and passwords, among other information) from unsuspecting users.
This particular phishing email campaign appears to originate from Portugal, and the sender’s IP address is 185.38.142.164. The email has “wipersoft.com Mailbox Verification” displayed in big letters, and falsely claims that because your password is about to expire, you have the option to either keep using the current password or change it. It contains a “See Keep Current Password File” button, which if clicked would either lead to a phishing site or download a malicious file onto the computer. The sites users are redirected to or the files that are downloaded may be different depending on the scam, but the purpose is the same every time.
The email displays the date and time for when the password expires, and this is done to pressure users into reacting. If users who are not very computer savvy see that their password is expiring in a couple of hours, they may react without considering the consequences and click on the button in the email. Clicking on the button would trigger a window asking to type in email login credentials to appear. If someone does type in their username and password, it would be sent to 5.206.224.194/wes/next.php. In short, it would end up in the hands of the malicious actors operating the scam.
Successful phishing attacks can lead to serious consequences, such as hijacked accounts, unauthorized purchases and even identify theft. The information is also often sold on hacker forums, as part of huge databases containing phished details of thousands of unsuspecting users. Phishing attacks are particularly dangerous for users who reuse passwords for multiple accounts. The same password will be used to try and login into various other accounts, so one successfully phished password could give cyber criminals access to many accounts.
How to recognize a phishing email
If users pay close attention when dealing with unsolicited emails that contain links or attached files, they should be able to detect a phishing attempt. In many cases, the emails contain quite a lot of grammar and spelling mistakes. It is believed that this is done on purpose to some extent in order to weed out users who are more cautious. Official correspondence from legitimate companies will rarely contain such mistakes as they are not seen as professional.
When you receive an email that contains a link or a button, you can hover over it with your mouse to see where clicking on it will actually take you. If the site does not look familiar, do not click on the link/button. And when clicking on a link leads to a site that asks you to type in your login credentials, always inspect the site’s URL. Even when phishing sites are made to look identical to legitimate ones, the site’s address will not be the same, which is why it’s the biggest giveaway.
“wipersoft.com mailbox verification” phishing email removal
The “wipersoft.com mailbox verification” email is harmless as long as you do not interact with it. You can just remove it from your inbox. However, if you clicked on the link and typed in your login credentials, you need to change your password immediately. In case the same password was used on multiple accounts, you need to change it everywhere. And you should not reuse passwords in the future, no matter how insignificant the account for which you want to use it is.
If something was downloaded onto your computer when you engaged with the email or the site to which it redirected you, there may be malware present on your computer. We strongly suggest performing a scan of the computer with WiperSoft to check for potential threats.
Site Disclaimer
WiperSoft.com is not sponsored, affiliated, linked to or owned by malware developers or distributors that are referred to in this article. The article does NOT endorse or promote malicious programs. The intention behind it is to present useful information that will help users to detect and eliminate malware from their computer by using WiperSoft and/or the manual removal guide.
The article should only be used for educational purposes. If you follow the instructions provided in the article, you agree to be bound by this disclaimer. We do not guarantee that the article will aid you in completely removing the malware from your PC. Malicious programs are constantly developing, which is why it is not always easy or possible to clean the computer by using only the manual removal guide.