“You’ve Reached Your Storage Limit Messages” Are a Con

  
     
Do You Open Every Email You Receive, Even From Senders You Don't Know?
February 16, 2017

This scam looks like just another email message from your company’s IT department. It’s so mundane, it’s easy to click without thinking. But be sure to give this email a second look before you do.

How the Scam Works

You get an email that looks like a message from your company’s IT department. The version that hit BBB inboxes has the subject line “[name]@[company.com] update required” and appears to come from info@webmaster.com.  According to the message, your email has reached the storage limit, and “you will be blocked from sending and receiving messages.” The message instructs you to click a link to validate your account and add storage.  In a clever move, the scammers even made the link look like your email address. But in the version BBB received, the link really points to a website with an overseas domain name.

Clicking the link takes you to a login form that asks you to enter your email address and password. If you do so, you receive a message confirming that the extra storage was added and the problem is fixed. But don’t believe it! The form is a fraud. It’s really a way to steal your email password, which opens you up to identity theft.  

How to Spot a Phishing Scam:

  • Be wary of unexpected emails that contain links or attachments. Do not click on links or open files in unfamiliar emails.
  • Don't believe what you see. Just because an email looks real, doesn't mean it is. Scammers can fake anything from a company logo to the "Sent" email address. 
  • Check your company's IT department or internet service provider. If something sounds suspicious, confirm it first. Contact them directly at a number you know is accurate. DON'T click on any links in the message you suspect is a scam. 
  • Be cautious of generic emails. Scammers try to cast a wide net by including little or no specific information in their fake emails. Always be wary of messages that don't contain your name, last digits of your account number, or other personalizing information. Pay attention to the ways in which your IT department normally addresses concerns and be cautious of any new method.
  • Use unique passwords: Use different passwords for each account you create. This is the simple way to reduce your risk if one password falls into the hands of scammers.

For More Information

Read more about phishing on the FTC website and see examples of common phishing scams.  To report a scam, go to BBB Scam Tracker.

For more information, please contact BBB at info@indybbb.org or 1-866-463-9222.

About BBB® Serving Central Indiana

ABOUT BBB: For more than 100 years, Better Business Bureau has been helping people find businesses, brands and charities they can trust. In 2015, people turned to BBB more than 172 million times for BBB Business Reviews on more than 5.3 million businesses and Charity Reports on 11,000 charities, all available for free at bbb.org. The Council of Better Business Bureaus is the umbrella organization for the local, independent BBBs in the United States, Canada and Mexico, as well as home to its national and international programs on dispute resolution, advertising review, and industry self-regulation. BBB Serving Central Indiana was founded in 1916 and serves 46 counties in Central Indiana.