Phishing email from “Zimbra Webmail Team”

By | January 13, 2020

We’re seeing more phishing email aimed at Zimbra accounts.  This example came from a hacked account in Sri Lanka, claiming to be from “Zimbra Webmail Team”:

Your Mail Box Exceeded it storage limit CLICK HERE TO UNBLOCK  or use
the link below Fill and click SUBMIT for more space or you won’t be
able to send/receive Mail.

<bogus link removed ...>

Verify Now
Best Regards,
2019/2020 © Mail Report.

The idea is to trick you into entering your email address and password on the bad guys’ server so they’ll be able to hack your account.

Our Barracuda spam filtering blocks 99%+ of this stuff, but some still gets through.

Be on the alert for suspicious-looking messages.  This one wasn’t well done, but we’ve seen some that were pretty clever, with good formatting, logos, etc.

If you want to check your disk space on a Zimbra account, log on to webmail – you’ll see an indicator in the upper-right corner that shows where you stand in terms of storage allowance.

If you want to change your password on a Zimbra account, log on to webmail and click “Preferences”.