- Popular
- Most Commented

Online Threat Alerts (OTA)

An anti-cybercrime community alerting you to scams and frauds.

The Fake "AOL Request to Remove Account from Server" Email

35
35
1,754
1

Mar 29, 2019 2019-03-29T16:07:07-05:00
Mar 29, 2019 2019-03-29T16:09:22-05:00

Online Threat Alerts (OTA)

The Fake AOL Request to Remove Account from Server Email

The fake AOL email removal request below is a phishing scam. Therefore, AOL users who have received the same email are asked to delete it and not follow the instructions in it. The phishing scam is being sent by cybercriminals to trick AOL users into clicking on the link in it, which goes to a phishing website that steals AOL email account username and password.

Advertisements - Continue reading below

The Fake "AOL Request to Remove Account from Server" Email

From: AOL - GHFGHGRIOTUGjflksdjflj@senstead.com

Sent: Fri, Mar 29, 2019 12:39 pm

Subject: Your account will be deactivated

Hello,

This is to inform you that your request on: 28/03/2019 2:07:11 p.m. to remove your account from AOL server has been approved and will initiate in one hour from the exact time you open this message. Regards.

ignore this message to continue with email removal or

If this deactivation was not requested by you

Please reply us.

Regards,

NOTE: If You Receive This Message In Your Junk or Spam Its Due to Your Internet Provider

AOL

AOL users who have already received the phishing email message, and who have followed the instructions in it, are asked to change their AOL account passwords immediately before their accounts are hijacked by cybercriminals and used fraudulently.

AOL users should never click on a link to sign into their accounts, they should instead, go directly to https://www.aol.com and sign-in from there. They will be notified of important changes or alerts after signing in if there is any.

Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search engine. Search

Write your comment or view the ones below. +

Save

Was this article helpful?

Advertisements - Continue reading below

Comments, Answers, Reviews or Questions

To protect your privacy, please remove sensitive or identifiable information from your comments, questions, or reviews. Please keep conversations courteous and on-topic.

Comments 35

Sep 22, 2020 at 12:58 AM by info

From: Aol! Mail Date: September 21, 2020 at 5:30:07 PM CDT To: TRJCPA@aol.com Hello, This is to inform you that your request on: 21/09/2020 2:07:11 p.m. to remove your account from Aol server has been approved and will initiate in one hour from the exact time you open this message. Regards. ignore this message to continue with email removal or If this deactivation was not requested by you Please press Not spam and enter your email! click here Regards, Aol

Sep 13, 2020 at 9:18 PM by info

"From: Aol! Mail Date: September 11, 2020 at 8:46:18 PM CDT Subject: trjcpa,Your Account Will Be Deactivated Hello trjcpa, This is to inform you that your request on: 11/09/2020 2:07:11 p.m. to remove your account from Aol server has been approved and will initiate in one hour from the exact time you open this message. Regards. ignore this message to continue with email removal or If this deactivation was not requested by you Please press Not spam and enter your email! click here Regards, Aol" Here is another scam.

Apr 9, 2020 at 7:26 PM by info

"From: AOL Sent: Thu, Apr 9, 2020 6:28 pm Subject: trjcpa, Your Account Will Be Deactivated Hey trjcpa, This is to inform you that your request on: 11/04/2020 to remove your account from AOL server has been approved and will initiate in one hour from the exact time you open this message. Ignore this message to continue with email removal or If this deactivation was not requested by you Please reply us. Thanks, AOL" Here is another scam.

Mar 26, 2020 at 9:39 AM by info

"From: Aol! Mail Sent: Wed, Mar 25, 2020 4:19 pm Subject: trjcpa,Your Account Will Be Deactivated Hello trjcpa, This is to inform you that your request on: 25/03/2020 2:07:11 p.m. to remove your account from Aol server has been approved and will initiate in one hour from the exact time you open this message. Regards. ignore this message to continue with email removal or If this deactivation was not requested by you Please reply us. Regards, Aol" Here is another scam.

Mar 8, 2020 at 3:21 PM by info

"From: The Aol Accounts Sent: Sun, Mar 8, 2020 11:19 am Subject: Account Deactivation Request kicjanmm. The request was received from your Aol account on mars 07, 2020 23:15 GMT. Sometimes these requests are made in error. If this deactivation was not requested by you, we ask that you submit your password in reply to this email. Once the current password on the account is verified the deactivation request will be canceled and your account will remain active. Be advised, once an account is deactivated it cannot be recovered. Thank You, The Aol Team" Here is another scam.

Feb 9, 2020 at 10:41 PM by an anonymous user from: Cleveland, Ohio, United States

I am not sure what this is. My phones have been being cloned and hacked, I never had an AOL account. I am in Akron ohio. Alot of other websites Idk what they are. yuherelev@gmail.com @gmail.com

Sep 18, 2019 at 4:54 PM by an anonymous user from: Elmwood, Michigan, United States

Here is another scam:
"From: " ð€ðŽð‹ ð’ðžð«ð¯ð¢ðœðž "
Reply-to: ,,,,,,,,
To: xxxxxx@aol.com
X-Originating-IP: 193.36.62.167
Date: Wed, 18 Sep 2019 11:00:00 -0400
Content-Length: 337
Hello,xxxxxx
Your account access has been limited.
If you choose to ignore our request, you leave us no choice but to temporary suspend your account
We appreciate your understanding as we work to ensure account safety
reply to see the actions you should take to make your account more secure.
Thank you for using AOL"

Aug 29, 2019 at 6:15 PM by an anonymous user from: Elmwood, Michigan, United States

"From: Aol! Mail
Return-Path:
Received: from 127.0.0.1 (EHLO sacio.mincesburch.com) (91.143.83.26)
Hello xxxxxxx,
This is to inform you that your request on: 08/28/2019 2:07:11 p.m. to remove your account from Aol server has been approved and will initiate in one hour from the exact time you open this message.
Regards.
ignore this message to continue with email removal or
If this deactivation was not requested by you
Please reply us.
Regards,
Aol
Reply-to: ,,,,,,,,,"
keep getting these funny emails...

Aug 31, 2019 at 5:28 AM by an anonymous user from: Elmwood, Michigan, United States

"From: Aol! Mail
Subject: xxxxxx,Your Account Will Be Deactivated
To: xxxxxx@aol.com
Reply-to: ,,,,,,,,,
Date: Fri, 30 Aug 2019 13:57:54 -0400
Hello xxxxxx,
This is to inform you that your request on: 08/29/2019 2:07:11 p.m. to remove your account from Aol server has been approved and will initiate in one hour from the exact time you open this message.
Regards.

ignore this message to continue with email removal or

If this deactivation was not requested by you

Please reply us.
Regards,
Aol"
Here is another scam.

Aug 1, 2019 at 5:59 AM by an anonymous user from: San Francisco, California, United States

Sooo,
These guys obviously need a return address for you to reply to. The email address they have sent the email from is fake and can't be replied to. The reason they have so many return addresses is to camouflage the one they are using i.e. ,,,,.
After looking into info@creativemedias.io I discovered it's not associated with any website or business. I looked deeper...
This showed me where the domain was hosted:
DNS-response creativemedias.io is 212.***.***.148
I ran a port scan...
Initiating SYN Stealth Scan at 09:28
Scanning 212-***-***-148.rev.***.eu (212.***.***.148) [1000 ports]
Discovered open port 587/tcp on 212.***.***.148
Discovered open port 110/tcp on 212.***.***.148
Discovered open port 993/tcp on 212.***.***.148
Discovered open port 25/tcp on 212.***.***.148 < This is what I was looking for!
That last port is an email server!
So I then connected to that server...
Trying 212.***.***.148...
S-chain-<>-127.0.0.1:9050-<><>-212.***.***.148:25-<><>-OK
Connected to 212.***.***.148.
Escape character is '^]'.
220 scienceindirect.net ESMTP Sendmail 8.14.7/8.14.7; Thu, 1 Aug 2019 04:36:08 -0400
helo scienceindirect.net
250 scienceindirect.net Hello ***.org [23.***.***.154], pleased to meet you.
This turns out to be an open relay server meaning it can send emails as anyone to anyone. Hence masking the real email address when sending the email.
I then used their email server to send them an email to info@creativemedias.io warning them of consequences.
I won't stop there but the people running these scams are not clever people, they prey on the naive and vulnerable. I only did this tonight because I received one of these emails from "Aol" and decided to act.
I'd be interested if anyone would like to send me the source code of the emails they are getting on this.
vwfhxexp@newtmail.com
Thanks

Aug 29, 2019 at 6:21 PM by an anonymous user from: Elmwood, Michigan, United States

Just got it today; have had many of these but this is the first in about 3 weeks:
"X-Originating-IP: [91.143.83.26]
Received: from 127.0.0.1 (EHLO sacio.mincesburch.com) (91.143.83.26)
by mta4147.aol.mail.bf1.yahoo.com with SMTP; Thu, 29 Aug 2019 16:42:22 0000
From: Aol! Mail
Subject: xxxxx,Your Account Will Be Deactivated
Hello xxxxx,
This is to inform you that your request on: 08/28/2019 2:07:11 p.m. to remove your account from Aol server has been approved and will initiate in one hour from the exact time you open this message.
Regards.
ignore this message to continue with email removal or
If this deactivation was not requested by you
Please reply us.
Regards,
Aol"

Advertisements - Continue reading below

Write Your Comment, Answer, Review or Question

Enter comment, answer, review or question.