Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    eBook    Contact
Bookmark and Share

Yahoo 'E-Mail Account Exceeded' Phishing Scam

Email purporting to be from Yahoo claims that the recipient's email account limit has been exceeded and warns that the account will be suspended if it is not verified within 24 hours.

Brief Analysis
The email is not from Yahoo. The message is a phishing scam. Those who fall for the ruse and click the link in the message will be taken to a bogus website that tries to trick them into divulging their Yahoo login details.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 17th April 2012
First published: 17th April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Subject: Your Yahoo Account Has Exceeded..

Dear Customer,

Your E-mail account has exceeded its limit
and needs to be verified, if not verified within
24 hours, we shall suspend your account.

Click Here


Detailed Analysis
According to this email, the recipient's Yahoo account has "exceeded its limit" and therefore needs to be verified. The recipient is invited to click a link in the message to carry out this "verification" and is warned that failing to verify within 24 hours will result in the suspension of the account.

However, the message is not from Yahoo. In fact, the email is a phishing scam designed to trick recipients into divulging their Yahoo account login details to cybercriminals. Those who click the link as instructed will be taken to a fake Yahoo login page and told to login to verify their account. The bogus login page is designed to emulate a genuine Yahoo sign in page. Once they have "Signed in" on the fake site, victims will then be automatically redirected to the genuine Yahoo website. Meanwhile, the login credentials supplied by victims can be harvested by the criminals responsible for the phishing attack. Once they have procured this login information, the criminals can then access the compromised accounts, lock out their genuine owners and use the accounts for their own nefarious purposes.

Often, these criminals will use such hijacked accounts to launch further scams and spam campaigns. One such ruse is designed to trick contacts of the victim into sending money to online criminals. Once they have gained access to the hijacked account, the scammers will then send emails to all of the people on the account's contact list. These emails will falsely claim that the account holder is in a very difficult situation and desperately needs financial assistance. Usually, such emails claim that the account holder is stranded in another country without money or travel documents due to a robbery or lost baggage.

Yahoo users are regularly targeted by scammers using similar phishing techniques. Scammers have used this tactic to steal account information from users of other popular email providers, including Hotmail, Gmail and several others.

Yahoo discusses such phishing attempts on its website. If you receive one of these phishing scam messages, do not click on any links or open any attachments that it may contain.

Bookmark and Share References
Friend Stranded in Foreign Country Scam Emails
Yahoo Account Phishing Scam Email
Hotmail Account Closure Phishing Scam
Gmail Account Phishing Scam
Webmail Account Phishing Scam
How can I recognize a phishing email?

Last updated: 17th April 2012
First published: 17th April 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer