A Sample of the "Yahoo Email Client SSL Server Upgrade" Email Scam
From: Yahoo ! <firstname.lastname@example.org>
Subject: Server Upgrade
Date: May 4, 2017 at 2:45:06 AM CDT
Dear [email address removed],
A recent security upgrade in our SSL server requires you to update your Yahoo Email Client information by clicking the link below in order to enjoy the new upgrade. Failure to Upgrade now will result to a permanent account closure.
According to provision 17.9 of Terms and Conditions, Yahoo Mail may at anytime terminate its services for accounts.
Upgrade [email address removed]
Yahoo Mail Team
This is an auto-generated email. Please do not reply.
2017, All Rights Reserved.
Yahoo users should never click on a link to sign into their accounts; they should instead, go directly to mail.yahoo.com or yahoo.com and sign-in from there. Once they are signed in, they will be alerted to updates, changes or other important notifications. Going directly to Yahoo’s website to sign into their accounts, will protect Yahoo users from phishing links that go to fake websites that steal usernames and passwords. Phishing websites steal their visitors’ usernames and passwords by asking them to sign into their accounts on the same fake website. Once visitors to the websites attempt to sign-in, their usernames and passwords (credentials) will be sent to the cybercriminals responsible for the phishing websites. As soon as the cyber criminals receive their potential victims’ usernames and passwords, they will sign into their accounts, hijack and use them fraudulently.
Yahoo users who have been tricked by the "Upgrade to Yahoo Mail 9.1" email scam, are asked to change their Yahoo passwords immediately before their accounts are hijacked and used fraudulently.