top of page
  • Admin

3-2-1…Account Deleted. Phishing Scheme Uses Ransomware Tactic To Force Action

Published: September 27, 2022 on our newsletter Security Fraud News & Alerts Newsletter.

The huge countdown clock on your screen started with 60 minutes, but now only two minutes remain. The hacker warns that if you don’t enter your login credentials, your account and those of others at work around you will be deleted. It’s a pressure-packed dilemma, so what do you do? It’s a question those caught on the hook of this unusual email phishing campaign can answer, for sure.

This scenario, especially using a countdown clock, points directly to a favorite ransomware tactic. This phishing campaign borrows the tried-and-true ransomware pressure ploy by giving the target a limited time to act before consequences follow. It’s only a ruse for this campaign since accounts don’t get deleted after the time expires. In true email phishing style, cybercriminals favor exploiting emotions, because targets are more likely to open the email and act on it.

This phishing attack is all about stealing usernames and passwords to use for future cyberattacks. Should the victim comply with the hacker’s demand, they’re told either the password is incorrect, or the login was accepted. Either way, the victim gets returned to their company’s home page and the bad actor takes off with the stolen login credentials.

Don’t Get Caught in the Chaos

If you receive a strange email about an account you have, especially from an unknown sender, it’s time to take a deep breath and think before acting. An email subject line and content playing on your emotions, such as threatening an account deletion if you don’t comply, is a major clue the hacker needs you to enable their attack.

Determining if there’s truly a problem with an account is as easy as going directly to the account in question. There you’ll find out if it’s true, for sure. Adding roadblocks like multi-factor authentication (MFA) can keep a hacker out of an account, even though they have the username and password. Anyone who worries an account has been compromised should change the password immediately, even if it’s just to feel better about its security. So, take that deep breath first and think before acting. Remember, you don’t have to get caught-up in the chaos that a tricky email phish wants to create.

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at


bottom of page