Email Exceeded Storage Limit Phishing Scam
OutlineEmail claims that the user's email account has exceeded its storage limit and instructs him or her to reply with the account username and password in order to restore full functionality. Some versions ask users to click a link in the message.
Pin to share (Pic will Pin larger)
Brief AnalysisThe message is not from any system administrator or support team nor is it from Outlook, Hotmail, or any other email service provider. The email is a phishing scam designed to trick users into divulging their email account login details to Internet criminals.
VERIFY THIS EMAIL ADDRESS TO AVOID IMMEDIATE CLOSURE
We have recently confirmed that your mailbox has exceeded the limit of 30 GB, which is as set by your manager and your are currently at 30.9GB. Different computers have logged into your mailbox account and multiple password errors have been entered. We are hereby suspending your account; as it has been used for fraudulent purposes. Now we need you to reconfirm your account information to us. Click your reply tab, fill in the columns below and send it back to us or your email account will be suspended permanently and you will not be able to create new e-mail to send or receive again until your reconfirm your account information.
Date of Birth ..............................
Country or Territory......................
Here are some ways to help you manage your account after you reconfirm your account. Create an archive - Set up a folder on your PC’s hard drive where you can save large attachments. Then just delete them from your inbox. You’ll still have them and your in-box will be that much smaller. Make your filters work for you- Did you know you can set up your E-mail account to immediately delete junk e-mail? Go toOptions, and click Filters and reporting. Under the “Delete junk e-mail” section, select immediately to delete junk e-mail right away. Once you’re finished, click Save and you’re done. Delete a bunch of mail at once- Go to your Junk and Deleted folders, and clear them out by clicking the “Empty”button in the action bar. Sincerely, The Email Service Team
In order to verify your e-mail and lift the suspenion limit, please verify your hotmail information on the link below:
Subject: Dear Webmail User
The assigned storage limit of your mailbox has been exceeded due to the high rate of spam/junk mails, and incoming mails are currently being rejected. For re-validation, click the below link and fill the form to increase your quota limit.
©2013 Technical Support Team.
From: SYSTEM ADMINISTRATOR
Subject: Confirm Your Account
Your E-mail has exceeded 2 GB which was established by our website
administrator, you are currently runing at 2.30GB, you can not send or
receive new messages until you confirm your mailbox. Complete the form below
to verify your account.
Fill in the required form below to cornfirm your account and sent the
(4) Confirm Password:
Subject: RE; Your E-MailBox Has Exceeded Storage Limit!
RE; Your E-MailBox Has Exceeded Storage Limit!
Your Emailbox has exceeded the storage limit. You may not be able to send or receive new mail until your mailbox size is increased by your System Administrator.
To help us re-set increase the size on our database prior to maintain your Mailbox, you must contact your system administrator via Email with these informations, to increase your storage limit automatically. You do not need to be present at our Office.
You will continue to receive this warning message periodically if your inbox size continues to exceed its size limit or between 18MB and 20 MB.
This message, which purports to be from the "System Administrator", claims that the recipient's email account has exceeded its storage limit and the sending and receiving of email may therefore be disrupted. The message instructs the recipient to reply to the email with his or her username and password so that the "System Administrator" can reset the account and increase the size of the database storage limit. A later version of the scam askes users to reply with account details to "confirm" the mailbox.
In some variants, users are asked to click a link to supply their username and password.
However, the message is not from the "System Administrator" or anyone else at the account holder's email service provider. Instead, the message is a phishing scam designed to trick recipients into handing over their web mail login details to Internet criminals.
Those who reply to the message with their login details as instructed will in fact be handing over access to their webmail account to scammers who can then use it as they see fit. Once in their victim's email account, these criminals can then use the account to send spam messages, or in many cases, send other kinds of scam emails.
Scammers often use such compromised email accounts to launch instances of the "stranded friend" scam. In this scam, criminals use a hijacked email account to send out messages to everyone on the account's contact list. These emails claim that the account holder is stranded in a foreign country without money or resources due to a robbery. They ask the recipient to send money urgently to help their "friend" return home. Because the messages are being sent from the victim's own webmail address and are likely to include his or her real name and email signature, at least a few recipients are likely to believe the claims in the email and send money as requested. Of course, any money sent will be pocketed by the criminals running the scam. Meanwhile, the real owner of the compromised account may not even be aware that his or her account is being used for such nefarious purposes.
Webmail accounts sometimes do exceed their allotted quota and some mail systems may send out automated messages informing their users of this. However, no mail administration system is ever likely to ask users to send their username and password via an email in order to fix an over-quota account. Users can normally remedy the problem of an over-quota account themselves by simply logging in and freeing up room by deleting unnecessary emails.
Scammers regularly use such tactics to steal login information. Some scam emails may claim that the user must submit login details to prove his or her identity after a system upgrade. Others, like the one discussed here, claim that there is a problem with the account and the user must send login information so that the "problem" can be rectified. Be wary of any unsolicited message that asks you to supply your webmail login details by replying to an email. All such requests are likely to be scams.
© Depositphotos.com/ weerapat
Last updated: October 27, 2014
First published: November 29, 2009
By Brett M. Christensen