New phishing attack on Yandex.Mail users
Messages are sent in bulk to users warning that someone has logged in from their device.
The message prompts you to go to the support page if it was not the owner of the account. But on the specified page, a password change form is displayed.
In this situation, the scammers successfully picked up the sender’s email and the site’s domain. For example, in the site address, instead of “.ru” it says “.run ”.
And in the letter the sender indicated “ yandex.passport.ru“, but in fact, Yandex has the opposite: “ passport .yandex.ru“.
Even an experienced user can fall for this trick. Because the sender’s address is marked with “Sender verified and verified”.