Phishing messages are emails sent by scammers that pose as legitimate notices from Yandex, banks, and other official organizations. The goal of such messages is to make you enter your password or credit card information into a fake field.

Learn more about fraudulent email (phishing)

Scammers send fake email on behalf of companies and services that you use: social networks, postal services, government agencies, or payment systems. The email messages are written and formatted in a convincing way to avoid suspicion. The sender's name and address also looks similar to the real ones. Hackers disguise phishing email in hopes you won't notice the difference.

The messages usually try to persuade you to click the link inside and enter some personal data (your account passwords, credit card number or PIN, etc.) for some supposedly important reason. The link leads you to a fake website. These sites usually mimic the appearance of their real counterparts, so it's quite easy to be misled into entering personal data on such a website. Scammers get the information they need and use it to send spam to other users, get access to your social network account, or even steal money from your bank account.

Attention. Yandex will never send email asking you to follow a link and enter personal data.
How to tell a phishing email apart from a real one

Make sure to check the addresses of links. To learn where a link leads to, hover over it without clicking. You will see the address in the bottom left corner of the window.

A Yandex address follows the format or must always be followed by the / symbol, not a dot. If the address you see is different, contains typos, or has a random string of symbols, don't click it.

If you did click a link, check the site address in the browser address bar.

How to prevent becoming a victim of fraud
  • Carefully check all incoming email messages and link addresses.
  • Never pay for purchases or bills you don't remember. Never send text messages to suspicious phone numbers and never share your Yandex password.

Yandex.Mail marks all phishing emails with a special warning:

If you discover a phishing or otherwise suspicious email that is not marked with a warning, please let us know using the feedback form and include its properties.

If you fall victim to fraud
  • Contact the police if funds have been unlawfully debited from your account.
  • If you followed a phishing link, check your computer for viruses using free antivirus programs, like CureIt! by Dr.Web or Kaspersky Virus Removal Tool.
  • If you shared your password on a phishing page, make sure to change your Yandex ID password, link your phone number to your account, and change your security question and answer. First you should check your computer for viruses, though. If you lost access to your account, follow the instructions to restore access.
If a phishing email is not marked with a warning

If you discover a phishing or otherwise suspicious email that is not marked with a warning, please let us know using the feedback form and describe it.