I always share scams and identity theft schemes aimed at me because I know that if I am being targeted so are you. Recently I received an email that purported to be from my email system administrator telling me that my email mailbox had exceeded its storage limits. This scam is a particularly dangerous one because, as all good scams do, it has a grain of truth and appears to be legitimate. Many of us, myself included, do not delete many emails that are not important to keep and if you do truly exceed your email mailbox size, it can effect your ability to send or receive emails. In that instance, you will receive a warning from your system’s administrator telling you to move items to your folders and to delete items. The phony email request purporting to be from your system’s administrator will tell you to respond to the email with your account user name and your password in order to increase the size of your mailbox and restore its availability. If you do, you will turn over control of your account to a scammer who can go through your emails and take information that can make you a victim of identity theft as well as hijack your account to send out emails to your friends and correspondents that will appear to come from you, but will be loaded with malware that will catch your friends and correspondents unaware. That scam is called spearphishing where your email address is hijacked and emails are sent to your friends that look like they are coming from you.
Your real systems administrator will never ask for your user name and password. If you do get such an email and you think that it may be legitimate, contact your system’s administrator at an email address or telephone number that you know is accurate to inquire as to the status of your account. Any email that you get that asks for you to turn over your user name and password is undoubtedly a phishing scam.