Your Online Access has been temporary disabled

One of the latest email spams targeting to attract clicks is coming in to your email account with the subject as “Your Online Access has  been temporary disabled“.

The email contains:-

Dear yourname@domainname.co.uk,

Your Online Access has been temporary disabled.
Someone with ip address 42.128.***.*** tried to login
into your account from unrecognised device.
Please click on the link below to restore your online access
and confirm your identity.
We strongly recommend you to restore your online access
within 72 hours after this message was delivered.
Otherwise your account will be closed due to the Terms of Use of the Service.
Restore your Access.

The wording “Restore your Access” is a hyper link that the sender intends you to click on.

The send of the email is setup to suggest it is sent from “Customer Support” however if look at the email address used it is clear to be SPAM:-

bf88808d@sensesofcinema.com

9f8587@sierraknolls.com

da13006a@rmhmixers.eu

788ee8a@smartwatertech.com

bfa515@halas.net

d4ce6a0@arnoldi-design.com

094718f4@lookers.co.uk – Note: this is not a genuine email address used by Lookers Motor Group even thou the domain looks to be correct http://www.lookers.co.uk/

Looking at this in detail the emails we have been made aware are point to:-

http://sogefoires.com/err_log/sub/activate.html
http://tabl.o-i-t.ru/err_log/sub/activate.html
http://ermena.com/err_log/sub/activate.html
http://69.24.68.62/err_log/sub/activate.html
http://avenuediscount.fr/err_log/sub/activate.html
http://banqueteselfrijolin.com/err_log/sub/activate.html
http://mk1fnml15o.seredbxhjk.org/76eapqhz56
http://aalborg-hotyoga.dk/err_log/sub/activate.html
http://amkauto-eg.com/err_log/sub/activate.html
http://capitalpropertyadvisors.com/err_log/sub/activate.html

Note: All above links are being sent to “#” to prevent problems

The IP Address’s we have seen used in the emails are:-

42.128.130.243
42.128.69.220
42.128.87.152
42.128.187.129
42.128.188.193
42.128.13.77
42.128.224.234
42.128.13.128
42.128.155.149
42.128.151.109
42.128.192.26

We recommend that you delete these emails should you receive them.

If you need any help or support please get in touch with us.