New “NOTIFICATION – Storage Full” Phishing Spam – Don’t Be Fooled!

Share the knowledge

If you’ve received an email with the subject “NOTIFICATION – Storage Full” (it may also have your email address in the subject), or an email which comes from, apparently, noreply@pres.serverhome.com, don’t open it! It’s a phishing scam trying to scam you out of your personal information!

What’s more, the scoundrels have set it up such that the email address to which the spam is sent is inserted to appear to be the recipient themselves, so that it further lulls you into a false sense of security (particularly if it’s a corporate address that could otherwise be legitimately sending email out including to itself).

(Read about some serious problems that can occur when a criminal spoofs your ‘from’ address here.)

The spam, which is signed by “Email Support” tells you that your email storage limit of 99.9 gig, “as defined by your adminstrator”, is full, and that you will be blocked from sending and receiving email if you don’t re-validate within 48 hours.

Of course, you re-validate by clicking on the link (which is cloaked as your email address), and once you click on it, you’re toast.

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

We are fortunate enough to have a sample of this malicious spam provided to us by SuretyMail:

From: “noreply@pres.serverhome.com” support at suretymail.com
Subject: support@suretymail.com NOTIFICATION – Storage Full
Date: May 23, 2018 at 2:13:10 AM MDT
To: support at suretymail.com
Reply-To: support at suretymail.com

Dear support at suretymail.com, Your email has used up the storage limit of 99.9 gigabytes as defined by your Administrator. You will be blocked from sending and receiving messages if not re-validated within 48hrs.

Kindly click on your email below for quick re-validation and additional storage will be updated automatically.

support at suretymail.com

Regards,

E-mail Support 2018.

As you can see, the email address at the end is hyperlinked. However when we hover over that link, here is where it actually goes:

notification storage full email limit spam exposed link

 

The point of origin domain for this email is domain-admin.com, and is registered to someone somewhere in Russia.

As always, we urge you to look at all email that you receive from an unexpected or unknown source skeptically, and if there are links that you are being asked to click within the email, to instead go directly to that site in your browser, if appropriate (for example if the email appears to be from an organization with which you actually do business – we hope that it’s obvious that if it’s an email like the above, and you can see that it’s a site with which you have no business or of which you have no knowledge when you hover over the link, that you will delete the email without further ado).

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.