Medium
A silly phishing campaign is underway where the attackers state that the target’s password will expire and be changed unless they login and confirm that they want to keep it the same. The phishing email states that the users need to click on the “Keep same password” button or their password will expire. Given below is the email body.
Once the target clicks on the “Keep same password” link they will be brought to a page asking them to login to their mail server.
When the user enter their login credentials, the attackers will now have their login credentials and will be able to access the email account.