Exceeded Storage Limit Scam Email
Home ScamsPhishing Scams Email Exceeded Storage Limit Phishing Scam

Email Exceeded Storage Limit Phishing Scam

by Brett M. Christensen

Outline:
Email claims that you have exceeded the storage limit for your mailbox and, therefore, your email account will be closed if you do not click a link to increase your storage capacity.




Brief Analysis:
The email is not a legitimate support notification. It is a phishing scam designed to steal your email account password.  There have been many variations of this scam message. Such scams have been targeting email users for many years. If you receive one of these emails, do not click any links or open any attachments that it contains.

Example:
Subject: You Have Exceeded The Storage Limit For Your Mailbox !
Dear [email address removed]

Your E-mail Account will be closed if you fail to increase Storage capacity Kindly Click here to increase your storage capacity by 30.00GB Free..

Click here to add up free 20GB storage.

If not gotten from you in the next 24 hours, We shut down your E-mail Account,Until after proper verification before you can access your E-mail Account Again….!!!Thanks.
Domain Security 2016/2017.Email Exceeded Storage Limit Phishing Scam





Detailed Analysis:
According to this email, you have exceeded the storage limit for your mail box. The message warns that, if you fail to increase your storage capacity, your email account will be closed. It instructs you to click a link to increase your storage and thereby resolve the issue.

However, the email is certainly not from any legitimate email service provider and the claim that your email account will be closed if you do not click to increase storage capacity is untrue. Instead, the email is just a crude phishing scam that is designed to steal your email account password. Clicking the “add free storage” link takes you to a fraudulent web page that asks you to enter your email address and email account password into a login box. If you click the “continue” button, you will see a message that advises that your extra storage capacity has been added and the problem with your account has been fixed.

But, alas, online criminals can now collect the details you supplied and use them to hijack your email account. Once they have gained entry, they can use your account to send spam, scam, and malware emails in your name.

And, if the  email address and email password that you entered on the fake form also provides access to connected services such as online stores and cloud storage, the scammers can gather even more of your personal information and conduct fraudulent transactions in your name. In fact, the criminals may manage to harvest and collate a large amount of your personal information and they may be able to use this information to steal your identity.

The “exceeded storage limit” scam tactic goes back many years. Such scam emails have been hitting inboxes for at least a decade. Some, such as the 2009 version I have included below, simply asked victims to reply to the email with their account username and password:

From: System Administrator
Subject: RE; Your E-MailBox Has Exceeded Storage Limit!

Attention:

RE; Your E-MailBox Has Exceeded Storage Limit!

Your Emailbox has exceeded the storage limit. You may not be able to send or receive new mail until your mailbox size is increased by your System Administrator.

To help us re-set increase the size on our database prior to maintain your Mailbox, you must contact your system administrator via Email with these informations, to increase your storage limit automatically. You do not need to be present at our Office.

Username: …………….
Password:……………..

You will continue to receive this warning message periodically if your inbox size continues to exceed its size limit or between 18MB and 20 MB.

Email accounts sometimes do exceed their allotted quota and some mail systems may send out automated messages informing their users of this issue. However, no legitimate mail administration system is likely to threaten an account closure or demand that users click a link to log in and increase storage.  Nor would they ever ask users to send their username and password via an unsecured email in order to fix an over-quota account. Users can normally remedy the problem of an over-quota account themselves by simply logging in and freeing up space by deleting unnecessary emails.

Scammers regularly use such tactics to steal login information. Some scam emails may claim that the user must submit login details to prove his or her identity after a system upgrade. Others, like the one discussed here, claim that there is a problem with the account and the user must supply login information so that the “problem” can be rectified. Be wary of any unsolicited message that asks you to supply your email password. If you receive one, do not click any links or open any attachments that it may contain.




Last updated: November 18, 2016
First published: November 29, 2009
By Brett M. Christensen
About Hoax-Slayer

References
‘Re-Validate Your Mailbox’ Email Phishing Scam
Microsoft Outlook ‘Account Exceeded Storage Limit’ Phishing Scam
“Mailbox Exceeded The Quota Warning Threshold” Email Phishing Scam




Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer