
‘Re-Validate Your Mailbox’ Email Phishing Scam

by Brett M. Christensen

An email purporting to be from ‘Your Domain Admin’ claims that your email account has exceeded its storage limit and that you must therefore open an attached file to re-validate your mailbox.

Brief Analysis:
The email is not from any domain or webmail admin and the claim that you must validate your account is untrue. The email is a phishing scam designed to steal your email account login credentials.

Subject: Re-Validate Your Mailbox..

Dear Email User,Your mailbox has exceeded the storage limit, which is defined by the administrator,
You are running at 99.8 gigabytes,you can not send or receive new messages until you re-validate your mailbox


Thank you!


Your Domain Admin.

©2010 – 2016 Mail . All Rights Reserved.

The attached HTML file opens the following login form in your default browser:

[Image: Revalidate Mailbox Phishing Scam]

Detailed Analysis:
According to this email, which purports to be from ‘Your Domain Admin’, your mailbox has exceeded its storage limit and you will therefore be unable to send or receive new emails. To deal with the problem, claims the email, you must open an attached file to validate your mailbox.  The email includes an attached file called ‘revalidate.html’.

However, the message is certainly not an official admin notification and the claim that you must re-validate your mailbox is untrue.

Instead, the message is a phishing scam that is designed solely to steal your email account address and password. If you open the attached .html file, an email account login form will load in your default browser. The form asks you to sign in to update your account by entering your email address and password.  After entering your account details, another page will appear that notifies you that the ‘update’ is now complete. Thus, you may carry on with your day in the mistaken belief that you have dealt with the supposed exceeded storage issue.

Meanwhile, however, Internet criminals can use the information you supplied to hijack your email account and redeploy it for their own purposes. Once they have gained access to your account, the criminals can use it to launch spam, scam, and malware campaigns in your name.

In this attack, the scammers have deliberately not identified the email service provider they are supposedly representing. By using this generic approach, they can target all email users, not just those who use a particular provider such as Gmail or Yahoo.

Depending on the type of account you have and how it is configured, your email inbox may indeed exceed its allotted storage limit from time to time, and your email provider may automatically send you a message warning that the storage limit has been reached. However, no legitimate service provider will ever instruct you to provide your login details via an insecure form contained in an email attachment.
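A mail-filter check for the pattern described above, an HTML attachment whose form asks for a password, follows as an added example that is not part of the original article. The sample message and its form markup are constructed for illustration, and `credential_form_attachments`, `build_sample` and the `example.invalid` addresses are assumed names.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser


class FormFinder(HTMLParser):
    """Records form targets and whether any password input is present."""

    def __init__(self):
        super().__init__()
        self.actions, self.has_password = [], False

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.actions.append(attrs.get("action") or "")
        elif tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.has_password = True


def credential_form_attachments(raw: bytes):
    """Return [(filename, form_actions)] for HTML attachments that ask for a password."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if part.get_content_type() != "text/html" and not name.lower().endswith((".html", ".htm")):
            continue
        body = part.get_content()
        if isinstance(body, bytes):  # e.g. attached as application/octet-stream
            body = body.decode("utf-8", errors="replace")
        finder = FormFinder()
        finder.feed(body)
        if finder.has_password:
            hits.append((name, finder.actions))
    return hits


def build_sample(with_password: bool = True) -> bytes:
    """Constructed message modelled on the article's description; the form HTML is invented."""
    field = '<input type="password" name="pass">' if with_password else ""
    html = ('<form action="https://collector.example.invalid/post" method="post">'
            '<input type="email" name="user">' + field + "</form>")
    msg = EmailMessage()
    msg["From"], msg["To"] = "admin@example.invalid", "user@example.com"
    msg["Subject"] = "Re-Validate Your Mailbox.."
    msg.set_content("Your mailbox has exceeded the storage limit.")
    msg.add_attachment(html, subtype="html", filename="revalidate.html")
    return msg.as_bytes()
```

A hit is a reason to quarantine or warn rather than proof of phishing; the form's `action` host in each hit is the value worth reviewing or blocking.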

It is always safest to log in to all of your online accounts by entering the address into your browser’s address bar or via an official app. If your email account does exceed its limit, you can usually deal with the issue by deleting messages stored in the account to free up room or, in some cases, by asking for or allotting a larger storage limit.

Criminals have used this ‘exceeded storage limit’ ruse in various forms for years and this type of phishing scam is still quite common.

Last updated: June 13, 2016
First published: June 13, 2016