Email Storage Exceeded Scam
This one’s been around for a while. The latest incarnation, tho, doesn’t have the usual indicators that jump out at the reader, that it’s complete BS.
Below is a Link to a Malwaretips article from 2023. As with most scams, the scammer wants the recipient to panic, and hand their credit card number over right away.
The article is rather lengthy. Lots of useful information there as to how scams like this work, and what to do if you become a victim.
_____________________________________________
Email scams are on the rise, with criminals using increasingly sophisticated techniques to trick unsuspecting victims. One such prevalent scam is the “Email Account Storage Limit Is Almost Full” phishing email. This fraudulent email aims to steal sensitive information by urging recipients to upgrade their account storage limit.
[Snip]
The “Email Account Storage Limit Is Almost Full” scam email pretends to be an alert from the recipient’s email service provider. It typically contains alarming claims that the account’s storage limit has nearly reached capacity.
Failure to immediately upgrade this limit will supposedly result in an inability to send or receive messages, eventually leading to account suspension. The email urges urgent action by clicking on an “Upgrade Now” link or button.
In reality, this is a phishing scam orchestrated by cybercriminals. The email is not associated with any legitimate email provider. The claims of reaching storage capacity and account suspension are false, intended only to trick victims.
This scam preys on recipients’ fear of losing access to an important email account. By instilling a sense of urgency, criminals increase the chances that victims will click without thinking. Their ultimate goal is to steal login credentials, financial information, or install malware.
How the Scam Works
Anatomy of the Phishing Email
The “Email Account Storage Limit Is Almost Full” scam email is carefully crafted to look authentic. It will contain several key attributes to appear convincing:
--Sender address – Uses a forged email address to mimic a legitimate provider like Gmail, Yahoo, Outlook, etc.
--Subject line – Contains provocative keywords like “Action Required”, “Security Alert”,
--“Upgrade Now” to induce urgency.
--Logo and branding – Uses the company logo and colors associated with the spoofed email provider.
--Formal tone – Written in a professional, corporate communication style.
--Threatening claims – The body contains false claims about reaching storage capacity, inability to send/receive emails, and account suspension.
--Call-to-action – Prominently displays clickable links or buttons like “Upgrade Now” to enable the scam.
What Happens After Clicking?
Once recipients click on the “Upgrade Now” link, they are redirected to a fake website impersonating a login page. This phishing site is designed to mirror the real login page, encouraging victims to enter their credentials.
In some cases, victims are asked to provide additional sensitive information beyond usernames and passwords. This may include contact details, credit card information, or social security numbers.
After submitting information on the phishing site, victims are typically redirected to the actual email provider’s homepage. This aims to further reinforce the scam’s legitimacy and avoid rousing suspicion.
Meanwhile, all data entered on the fake site is transmitted directly to the scammers. Once in possession of login credentials, criminals can access and takeover victim’s email accounts.
I check the address of the sender. I had one 2 days ago from a legit looking Australian.gov site, but I spotted the falseness tucked away between the legit looking parts.
I used to get lots but after I sent dozens off to the Australian consumer protection people, they mysteriously dropped right off.
I occasionally get that one that uses my email address so I can't reply or know who it came from that tells my they have installed a Trojan in my machine and have video of me doing X rated stuff to porn videos and if I don't deposit $Xk to their bitcoin account I'll be exposed to everyone on my email list. Big trouble there is I don't have a camera. Deleted, boom!!