Some inept email phishing today.
Email with partial headers showing origin below.
The idiot didn't even forge the "from" address.
Note the last line quoted at bottom for phisher's web link:
> Received: from t-online.de (TtwlMcZewhR74hPIpAu7hhSv9Jc83ODOf+5WUQxREmRpRJmUD11qiZMtbpxmEZ2ZWy@[18.104.22.168]) by fwd05.t-online.de
> with (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384 encrypted)
> esmtp id 1kzlI1-3OCVv80; Wed, 13 Jan 2021 19:54:41 +0100
> From: "Account Management"<email@example.com>
> To: firstname.lastname@example.org
> Subject: Auth Required - Important Secure Mail Upgrade/Changes
> Date: 14 Jan 2021 02:54:41 +0800
> Important SONIC Email Changes :
> New features and updates for your sonic.net Email has been released and we are
> writing to inform you before we apply them to your Email Account. We extensively
> increased our spam filtering database to detect and analyze commonly used spam
> keywords, robo-junk senders and other forms of junk messages. Internal storage
> capacity has also been increased to 10GB for standard users and 20GB for
> Due to the nature of this recent changes, we may hold incoming messages if we
> have not received your authorization on or before January 20, 2021 to apply this
> new changes to your sonic.net Email.
> We have made the authorization process easy, you may proceed to authorize this
> changes at webmail2.sonic.net/v17?PrivacyUpdate <https://moucon.co.za/>.