Warning: phishing attacks on mailbox.org accounts

We are currently seeing some well done phishing attacks on mailbox.org accounts. Our users are contacted by third parties and it is pretended that they urgently need to log in to mailbox.org, otherwise the account would be deleted. The aim of these mails is to steal the login data of the users.

These phishing emails contain a URL that ultimately leads to a copied (!) Login page of mailbox.org via a Google redirect. The URL address line clearly shows that this is NOT the mailbox.org web address, but a similar-sounding foreign domain.

Apparently, business accounts are also preferred, the addresses of which have been collected on the Internet.

mailbox.org immediately took extensive filter measures and was able to block and delete almost all of these phishing emails. Nevertheless, these phishing emails also reached target mailboxes in individual cases and were read before we could react.

Users who fell for this phishing attack should urgently and quickly change their mailbox.org password. To do this, log in to the web portal and change your password in the Settings area. Or request a password reset via SMS / mail link.

Otherwise, it can be expected that the attackers will soon log into the affected email inboxes with the stolen login data.