“Your Account Is Blocked” Email Scam

Cybercriminals are increasingly turning to urgent, fear-driven phishing emails to trick users into handing over sensitive credentials. The “Your Account Is Blocked” scam is a classic example—posing as a notification from your email provider, it warns you that your account is “temporarily blocked” due to “suspicious activity.” But don’t let the panic set in—this is just a clever trap designed to steal your login info.

---

Threat Overview

Attribute	Details
Threat type	Email phishing / Social engineering / Scam
Associated domain	shavits[.]com
Detection names	Combo Cleaner (Malware), CRDF (Malicious), CyRadar (Malware), Fortinet (Phishing), Sophos (Malware)
Symptoms of infection	Unauthorized purchases, password changes, identity theft, account compromise
Damage & distribution methods	Theft of sensitive data, credential abuse, identity theft, further phishing attacks. Delivered via deceptive emails, rogue pop-ups, search-engine poisoning, misspelled domains
Danger level	High: full account takeover leading to potential identity theft and linked account breaches
Removal tool	SpyHunter – download it here

---

Email Text (Example)

Subject: Your Account Is Blocked
Body:
Your email account has been temporarily blocked due to suspicious activity. One of the recipients you attempted to message was flagged, resulting in a temporary hold.
Please VERIFY YOUR IDENTITY within the next few hours to avoid account termination.
Failure to comply will lead to loss of access.

This link directs victims to a fake login page mimicking Gmail (or another provider), where credentials are captured.

---

How I Got Infected

1. Received a legitimate-looking email with urgent, alarming wording.
2. The message warned of a “blocked” status and demanded immediate verification.
3. Clicking the link redirected me to a forged login page that felt convincing.
4. I nearly entered credentials—fortunately, detected the red flags just in time.

---

What It Does

Once credentials are entered into the fake form:

• Attackers immediately gain access to your email.
• They can read your messages, send phishing emails to your contacts, and change your settings or password.
• If credential reuse extends to other services (e.g., banking, social media), further accounts are at risk.
• May set up forwarding rules or install malware for ongoing surveillance.

---

Should You Be Worried?

Absolutely. Email serves as the key to your digital life:

• It enables password resets for nearly all services.
• Exploited email can expose your identity, contacts, financial data, and more.
• This scam is widespread—acting quickly and carefully is vital to prevent theft.

---

Verdict & What You Can Do

• Never click links in unexpected high-urgency emails—verify through official channels.
• Check the sender’s email domain—phishing emails often originate from suspicious-looking domains like shavits[.]com.
• If you clicked or entered credentials:
  • Immediately change your password from a different device.
  • Enable multi-factor authentication (MFA) on all accounts.
  • Review and revoke unauthorized login sessions.
  • Scan your system with anti-malware tools.
  • Notify affected contacts if phishing emails were sent from your account.

Manual Removal Guide: How to Identify and Remove Email Scams Yourself

Step 1: Recognizing Scam Emails

Before taking action, learn to identify email scams. Some common red flags include:

• Unknown Sender: Emails from unfamiliar addresses, especially if they claim to be from banks, tech support, or government agencies.
• Urgent or Threatening Language: Messages pressuring you to act quickly (e.g., “Your account will be suspended!”).
• Poor Grammar & Spelling Mistakes: Many scam emails contain grammatical errors.
• Suspicious Links or Attachments: Hover over links to check if they lead to an unusual website before clicking.
• Requests for Personal or Financial Information: Legitimate companies will never ask for sensitive details via email.

Step 2: Avoid Interacting with Scam Emails

If an email appears suspicious:

• Do NOT click on any links.
• Do NOT download attachments.
• Do NOT reply to the sender.

Step 3: Report the Email Scam

Reporting scam emails helps prevent others from falling victim to them:

• Gmail/Outlook/Yahoo Users: Click “Report Phishing” or “Report Spam” in your email client.
• FTC (U.S. users): Report scams to the FTC Complaint Assistant.
• Google Safe Browsing: Report phishing sites at Google’s Phishing Report.

Step 4: Block the Sender

To prevent further scam emails from the same sender:

• Gmail: Open the email, click the three dots, and select “Block [Sender Name]”.
• Outlook: Open the email, select “Junk” > “Block Sender”.
• Yahoo Mail: Click “More” > “Block Sender”.

Step 5: Check Your Accounts for Compromise

If you’ve interacted with a scam email:

• Change your passwords immediately. Use strong, unique passwords.
• Enable Two-Factor Authentication (2FA). Adds an extra security layer.
• Monitor your banking transactions for suspicious activity.

Step 6: Scan Your Device for Malware

If you accidentally clicked a link or downloaded a file, scan your system for malware:

• Windows Users (Windows Defender)
  • Go to Settings > Update & Security > Windows Security > Virus & Threat Protection.
  • Click “Quick Scan” or “Full Scan”.
• Mac Users
  • Use security software like Malwarebytes for Mac to scan for threats.

Step 7: Strengthen Email Security

• Enable spam filtering in your email provider’s settings.
• Use a third-party spam filter such as Spamihilator or Mailwasher.
• Stay educated on phishing techniques to avoid falling for scams in the future.

---

SpyHunter Removal Guide: Automated Solution for Email Scam Threats

SpyHunter is a powerful anti-malware tool designed to detect and remove phishing-related threats, Trojans, spyware, and other cyber threats. If you prefer a quick and automated solution, follow these steps:

Step 1: Download SpyHunter

1. Visit the official SpyHunter download page: Download SpyHunter
2. Click “Download” and save the file.

Step 2: Install SpyHunter

1. Open the downloaded file (SpyHunter-Installer.exe).
2. Follow the on-screen installation instructions.
3. Once installed, launch SpyHunter.

Step 3: Perform a Full System Scan

1. Open SpyHunter and go to “Malware/PC Scan”.
2. Click “Start Scan Now” to begin scanning.
3. SpyHunter will detect threats linked to email scams.

Step 4: Review and Remove Detected Threats

1. After the scan completes, SpyHunter will display a list of detected threats.
2. Click "Fix Threats" to remove them.
3. Restart your computer after removal.

Step 5: Enable Real-Time Protection

• Activate SpyHunter’s Active Guards for real-time malware protection.
• Schedule regular system scans for ongoing security.

Step 6: Keep SpyHunter Updated

• Regularly update SpyHunter to detect new threats.
• To update, go to "Settings" > "Update" and click "Check for Updates".

---

How to Prevent Future Email Scams

To avoid falling for email scams in the future, follow these precautions:

Use a Secure Email Provider

Consider using encrypted email services like ProtonMail or Tutanota for enhanced security.

Avoid Clicking Suspicious Links

Always verify links before clicking by hovering over them to see the actual URL.

Use a VPN on Public Wi-Fi

Scammers can intercept your data on public networks. Use a VPN for secure browsing.

Regularly Change Your Passwords

Use a password manager to generate and store secure passwords.

Install Anti-Phishing Browser Extensions

Use security extensions like Bitdefender TrafficLight or Avast Online Security to detect phishing attempts.

---

Email scams pose a significant risk to personal and financial security. By following this manual removal guide, you can effectively identify and remove scam emails. For those seeking a fast and automated approach, SpyHunter provides a reliable solution to detect and remove email scam-related threats.

Take Action Now

Protect your device from scam-related malware with SpyHunter: Download SpyHunter

---

Conclusion

The “Your Account Is Blocked” scam leverages fear and urgency to manipulate victims. It’s a high-risk phishing threat capable of full account compromise and downstream damage. Stay alert—beware of urgent prompts, question sender authenticity, and never use provided links; instead, navigate to services directly through trusted means.