Once the cybercriminals have stolen their potential victims' online account credentials, they will use them to gain unauthorized access to their accounts, hijack the accounts, and use them fraudulently.
A Sample of the Phishing Email
From: MICROSOFT [firstname.lastname@example.org]
Date: 2016 11 23 9:12
Subject: Your Online Account Is About To Be De-Activated
Out Dated Security
Your email security is running on out dated security which is not safe, We hereby advice you to update your email security by clicking Sign In for instant security update below or risk being de-activated
* need security upgrade now
It is important you update your account security now to meet the 2017 security standard for a safer and secure mail
SIGN IN FOR INSTANT UPDATE
Instead of clicking on a link to sign into their accounts, online users should always go directly to their online account providers’ websites and sign into their accounts from there. Once they are signed-in, they will be notified of updates, changes or other important notifications.
Online users who have already been tricked by the phishing e-mails are asked to change their online account passwords immediately, before their accounts are hijacked and used fraudulently. For those online users whose online accounts have already been hijacked, are asked to contact your I.T support team or their online account providers for help.