Wednesday, 12 Jun 2024

How to Spot Phishing Emails: The “Saved Passwords Were Found Online” Scam

some of your saved passwords were found online

Phishing emails continue to be a significant threat to individuals and organizations worldwide. In this article, we will dive into the details of a specific phishing email known as “Saved Passwords Were Found Online”. We will discuss how this scam operates and provide valuable tips on how to identify and avoid falling victim to such deceptive tactics.

What kind of scam is “Saved Passwords Were Found Online”?

Upon reviewing the email, we determined that its purpose is to deceive recipients into divulging sensitive information. The email claims to alert recipients about a data breach and encourages them to check their passwords by visiting a specified webpage. However, the provided link directs users to a phishing page aimed at capturing their login credentials.

More about the “Saved Passwords Were Found Online” scam email

This phishing email is designed to deceive recipients by claiming that some of their saved passwords have been discovered online. The email states that these passwords were exposed in a data breach from a website or application that recipients use. It attempts to create a sense of urgency by suggesting that their accounts may be compromised.

To supposedly secure their accounts, the email prompts recipients to review their passwords immediately by clicking the “Check passwords” icon/button. It also provides a link, which it claims will show security activity. However, in reality, the email is a phishing attempt to trick recipients into visiting a fraudulent webpage and divulging their login credentials.

Tham Khảo Thêm:  CJIS Password Policy Requirements

Saved Passwords Were Found Online email spam campaign

Once scammers obtain login credentials, they can engage in various malicious activities. They may attempt to gain unauthorized access to the victim’s accounts, such as email, social media, or online banking, enabling them to carry out identity theft, financial fraud, or unauthorized transactions.

Additionally, scammers can exploit the stolen credentials to send phishing emails or messages to the victim’s contacts, spreading malware or tricking others into disclosing their personal information. Sometimes, the stolen credentials may be sold on the dark web, further compromising the victim’s security and privacy.

Types of malicious emails

Phishing emails often employ social engineering techniques to create a sense of urgency, fear, or curiosity, compelling recipients to take immediate action. They commonly mimic the appearance and branding of legitimate organizations or other entities, using logos, email templates, and (or) domain names that closely resemble genuine ones.

Typically, phishing emails frequently contain deceptive links or attachments that, when clicked or opened, redirect users to fraudulent websites or install malware on their devices. Examples of phishing emails are “Your Outlook Is Full Email Scam”, “The Bored Ape Pixel Club Email Scam”, and “American Express Credit/Refund Adjustment Message Email Scam”.

How to spot a malicious email?

While cybercriminals try to make their lure emails look trustworthy, here are some things to look for when trying to spot a phishing email:

  • Check the sender’s (“from”) email address: Hover your mouse over the “from” address and check if it’s legitimate. For example, if you receive an email from Microsoft, be sure to check if the email address is and not something suspicious like,,, etc.
  • Check for generic greetings: If the greeting in the email is “Dear user”, “Dear”, “Dear valued customer”, this should raise suspicion. Most commonly, companies call you by your name. Lack of this information could signal a phishing attempt.
  • Check the links in the email: Hover your mouse over the link presented in the email. If the link that appears seems suspicious, don’t click it. For example, if you received an email from Microsoft and the link in the email shows that it will go to…, you shouldn’t trust it. It’s best not to click any links in the emails but to visit the company website that sent you the email in the first place.
  • Don’t blindly trust email attachments: Most commonly, legitimate companies will ask you to log in to their website and view any documents there. If you receive an email with an attachment, it’s a good idea to scan it with an antivirus application. Infected email attachments are a common attack vector used by cybercriminals.
Tham Khảo Thêm:  The Tesla Supercharger Hack: Cut Your Road Trip Stopping Time In Half

To minimize the risk of opening phishing and malicious emails, we recommend using Combo Cleaner Antivirus for Windows.

Frequently Asked Questions

Why did I receive this email?

Criminals send identical messages to a large number of recipients, aiming for someone to be deceived by them. These spam emails lack personalization as they are mass-distributed.

I have provided my personal information when tricked by this email, what should I do?

If you have inadvertently provided your personal information in response to this phishing email, start by changing the passwords for the accounts that you believe may have been compromised. If you notice any unauthorized changes, report them to the respective service providers immediately.

I have downloaded and opened a malicious file attached to an email, is my computer infected?

If you have downloaded and opened a malicious file attached to an email, there is a possibility that your computer could be infected. It depends on the file type.

I have read the email but did not open the attachment, is my computer infected?

No, simply opening an email without clicking on any links or opening attached files is considered harmless. When you interact with the contents of the email (click on links or open attachments), you become exposed to potential system infections or security risks.

Will Combo Cleaner remove malware infections that were present in an email attachment?

Certainly, Combo Cleaner possesses the ability to detect and remove the majority of known malware infections. However, it is important to note that certain sophisticated malware variants may reside deep within the system, making their detection and removal more challenging. In such cases, performing a comprehensive full-system scan is highly recommended.

Tham Khảo Thêm:  Password Manager: The Key to Secure and Hassle-Free Password Management

By staying vigilant and following these guidelines, you can protect yourself from falling victim to phishing emails and keep your personal information secure. Remember, it’s always better to err on the side of caution when it comes to suspicious emails. Stay safe and protect your digital wellbeing.


Phishing emails continue to be a significant cybersecurity threat. The “Saved Passwords Were Found Online” scam is just one example of the various tactics employed by cybercriminals. It’s crucial to stay informed and educated about these scams to protect yourself and your sensitive information. Always be skeptical of emails that ask for personal information or prompt you to click on suspicious links. By following the guidelines provided in this article, you can spot phishing emails and minimize the risk of falling victim to such scams. Stay safe online!