In such cases, there’s a simple way to check if you actually are on the correct website: check the URL displayed in your browser’s address bar.
Millions of people still use AOL and so scammers and identity thieves often send out phishing emails that appear to come from AOL, such as the one reproduced below.
The malicious webpage also contains an iframe that displays part of thepage.
There’s a very good reason for which the phishers have deployed this technique.
The AOL login page changes, depending on important events that take place.
By embedding part of this page into their scheme, the crooks have a higher chance of making someone believe that they’re on the right domain.
This one comes from an email address that has no relation to the company, AOL.
It does not contain any logo and it is not directed to the recipient specifically by name.
Like many similar scams, this one works by luring you into clicking on a link in the email in order to resolve an problem.
The old “update your account” scheme is probably still successful, which is most likely why cybercriminals keep coming up with new variants for it. The message is simple (via uk): As you might guess, the link doesn’t point to the legitimate AOL login page, but to a replica hosted on a site registered for free in the Czech Republic.
Many of the buttons and the links of the phony website lead to button doesn’t compare the credentials against the ones stored in AOL’s servers.
Instead, it sends them back to the cybercriminals that run the scheme.
The legitimate links aren’t the only ones that make the plot genuine-looking.