The "Yahoo Account Important Update" Phishing Scam
From: Yahoo! <firstname.lastname@example.org>
Sent: Monday, July 10, 2017 9:50 PM
Subject: Important Update
Your Yahoo account is important to us.
We're asking all Yahoo user's to update their account, and you have refused to update your account. Therefore your account will be suspended before 24hours, and shall be opened after your update is completed on your Yahoo account.
Click Update My Yahoo for instant upgrades.
If the link in the phishing email message is clicked by the recipients, they will be taken to a phishing website and ask to sign-in. If they attempt to do so, their Yahoo account credentials (usernames and passwords) will be sent to the cybercriminals behind the scam. Once the cybercriminals have gotten the stolen credentials, they will gain access to the accounts, hijack them, and use them fraudulently.
Therefore, Yahoo users who have received email messages with a link to update their information or make changes to their accounts should always go directly to mail.yahoo.com and sign into their accounts instead of clicking on the link. Once Yahoo users have signed into their accounts, they will be noticed of changes or updates, if there are any. Going directly to mail.yahoo.com and signing in from there is only guaranteed way of preventing Yahoo users from becoming victims of phishing scams.
Yahoo users who have already been tricked by the phishing scam are asked change their passwords immediately before their accounts are hijacked and used fraudulently. If their accounts have already been hijacked by cybercriminals, they can click here for instructions to regain access to their accounts.