Beware “Your mailbox is almost full” Spam (or Phishing) attempts

Have you received an email advising that your mailbox is almost full? You didn’t click the link in it did you?

A client of mine received such an email (see below), and queried it with me.

Screenshot of spam or phishing email warning of full mailbox

This is spam, and an example (one of many) that have been sent out over the past few years to unsuspecting website owners. Spam is inconvenient, but usually harmless.

Phishing attacks

However, some, like this one, can represent a threat. You’ll see from the screenshot that the email contains at least one link that recipients are invited to click. If you click a link in such an email you may allow malware / viruses to be installed on your computer. You might also be directed to a website that invites you to enter some personal details, and maybe a username and password to gain access to your mailbox. This is an example of ‘phishing’ and providing this information will let the perpetrators gain access to your mailbox, from which they can then get hold of (and send emails to) your contacts. You might also have other username and password information sitting in those emails for other services you use… anyway, you get the point!

How to spot a phishing email

There are a number of tell-tale signs that should alert you to the danger in these emails, but busy people don’t always have the time to read things properly – my clients’ initial reaction may well have been ‘I’d better action this quickly as I don’t want to lose any emails’. In the example above…

1. The email came from an email address that is not related to the business. This isn’t always a good indication of phishing, but if you don’t recognise the email address that should cause you to question things a little

2. The spam monitoring had already identified the email as potential spam and placed the ‘[spam]’ tag at the start of the subject line

3. The language isn’t quite ‘perfect’… ‘Click here to do reduce size automatically’ is more than a little suspicious

4. The ‘Click here’ link points to a website that clearly has nothing to do with the recipient. Floating over the link shows the target url as http://kirirumcurtain.com/hi/auto/newp/ii.php?email=[with the email address here]. Googling that domain name shows that it is a site owned by a business in Cambodia (although it looks like it is hosted in the US. Anyone clicking on the url will trigger a script to run on the target website, and there’s no telling what it could do. So please don’t!

McAfee site advisor warns about this site as a potential phishing site that… “might send your personal information to people online who can use it to access your financial information, or steal your identity.”

Google search result showing phishing site warning

If you do happen to click on such a link, our advice would be to run a good virus checking programs against your computer, and change any login credentials that you passed over to the phishing site (and any more that you think might also be compromised).

Of course, it’s not a bad idea to keep your mailbox under regular control anyway – so why not take a look and see what you can delete? It’ll cut down the space taken, reduce backup times (you do back up don’t you?), make things a little easier to find, and could possibly improve the performance of your system.

Let us know if you’ve seen this, or other phishing attempts. Did you click the links? What happened to you?

Tags: ,

Categories: General, What I have learned today

One Response to “Beware “Your mailbox is almost full” Spam (or Phishing) attempts”

  1. Claudia says:

    I clicked on the link and got this website is blocked. Am I still safe or should I be worried?

Leave a Reply

Share This

Please share if you've liked reading this

Share this post with your friends! It really helps us, and lets us know which content visitors like best - so we can write more like that!