Add Recovery Number Phishing Campaign
A new phishing campaign warns users to add a recovery phone number to their account with a subject line of “New Account Verification” and states that if the user does not comply, then the account will be deactivated and all of its contents will be lost permanently. If the user clicks on the “Add Recovery Number Now” link, they are redirected to a fraudulent Webmail login page. Once the user’s credentials are entered and submitted, the page redirects to an error page as the credentials are sent to the threat actor. The NJCCIC highly recommends users avoid clicking on any links contained in unexpected or unsolicited emails. If the user is uncertain of the email’s legitimacy, contact the sender via an alternate method. We advise users to refrain from responding to the email as this confirms delivery of the phishing email to the threat actor. More information can be found in the Bleeping Computer article.