07.10.2021

Caution trap
New bait on the hook: phishing mails with the mailbox full scam

Current phishing scam: Your email inbox is full

In view of the occasion, a brief supplement to our earlier Article about phishing mails using the example of a phishing method that is currently making waves:

Recently, more and more phishing e-mails have been circulating, purporting to come from large Internet providers such as Strato or 1und1 and informing the addressee that his or her e-mail box is full, i.e. that the storage space of the e-mail account has been exhausted. As a result, the sending of mails is disturbed or no longer possible, so that immediate action is necessary. Of course, the request to click on a link contained in the message and to log on to the linked page with one's e-mail access data in order to solve the problem is not missing.

The creation of pressure to act combined with the request to disclose one's own access data on a linked page are already two important and typical warning signals for phishing attempts in general. The other characteristics mentioned in our general article can also help to uncover the dubious background of the messages in this case.

Do not under any circumstances enter your e-mail access data on the linked or otherwise unknown websiteThis is because you are giving unauthorised persons access to your mailbox so that they can send (masses of) mails in your name, view your contacts and read your messages. It can be even worse if the given login data can be used for other accesses than just for the one mailbox, which is generally not a good idea (see also -> Access data under control).

If you have given away your email access data in response to such a phishing email ...

... change without delay the access data for your mailbox. You may find that the senders of the phishing e-mails are the first to give you new access data, so that you can no longer log in with your own data. This problem arises above all if the mail access data can also be used to log into the account management of your web hoster. In this case immediately seek contact with your hosterto clear up the problem.

... check whether mails have already been sent in your name, often initially also to your contacts. Have you received feedback or enquiries regarding conspicuous messages from people on your contact list?

... notify your contacts so that they are prepared for possible fraudulent messages starting from your address.

... check whether other accesses (hoster login, online shopping accounts, etc.) can be used with the captured access data, immediately change the access data for these services as well, if necessary, and check the corresponding accounts for suspicious transactions.

... in the event that damage has actually occurred, contact your hoster or providers of other affected services. If necessary, consider taking legal action and involving a legal advisor.

All other contributions