A new phishing scam is deceiving users with fake “Cloud Storage Full” alerts, leading to potential theft of personal information and financial loss.
A new phishing scam is rapidly gaining traction, targeting smartphone users with alarming fake alerts that claim their cloud storage is full. These messages, which often include phrases like “Cloud Storage Full” or “photo deletion,” suggest that users must upgrade their storage to prevent the loss of their images and videos. The urgency of these alerts is designed to catch individuals off guard, prompting them to act quickly without verifying the legitimacy of the message.
According to researchers at Trend Micro, the scam has seen a staggering 531% increase in activity from September to October, indicating its swift spread among unsuspecting users. The alerts are personalized, often including the recipient’s name and a believable count of photos or videos stored, which adds to their credibility.
Upon clicking the link in the message, users are directed to a convincing fake website that resembles a legitimate cloud storage dashboard. Here, they are urged to pay a nominal fee of $1.99 to avoid losing their files. However, instead of safeguarding their data, victims inadvertently provide their credit card information, PayPal login, or other personal details to the scammers.
Trend Micro has shared several screenshots and internal samples that illustrate the sophistication of this scam. The counterfeit sites employ progress bars, countdown timers, and warnings about imminent data loss to create a sense of urgency. They meticulously mimic the layout of popular cloud storage platforms to reduce suspicion among users.
Jon Clay, Vice President of Threat Intelligence at Trend Micro, emphasized the emotional manipulation tactics employed by cybercriminals. “The recent spike in ‘Cloud Storage Full’ scams shows just how well cybercriminals are perfecting emotional manipulation,” he stated. “These scams prey on fear and urgency, warning users their photos will be deleted unless they pay a small upgrade fee.” He noted that older adults are particularly vulnerable, as they may perceive these messages as legitimate and fear losing irreplaceable memories.
Trend Micro’s analysis outlines the scam’s progression, from the initial unsolicited message to the final theft of personal information. Victims typically receive a text message that claims their photos or videos are at risk of deletion, often accompanied by their first name and a fabricated count of images. Phrases like “Act now” or “Final warning” are strategically included to incite panic, culminating in a link that leads to a malicious .info domain.
Once users click the link, they arrive at a counterfeit “Cloud Storage Full” site that closely resembles the design of legitimate cloud services. The site falsely claims that the user’s storage is full and prompts them to make a one-time upgrade payment. A progress bar indicates that the storage is at 100% capacity, while a countdown timer warns that data will be lost imminently. Clicking the “Continue” button leads to a fraudulent payment page.
Once victims enter their credit card or PayPal information, scammers can quickly harvest this data. The stolen credentials may be used for unauthorized purchases, credential stuffing, or sold on dark web markets. Some victims may even receive fake receipt emails to lend an air of legitimacy to the charge.
Trend Micro has noted that certain scam sites may redirect users to legitimate websites later to obscure their tracks. This tactic is part of a broader strategy that relies on fear and urgency to compel quick decisions from users.
To protect against such scams, experts recommend several precautionary measures. First, users should directly access their cloud storage app or website to check for any legitimate issues, rather than responding to unsolicited messages. This simple step can help prevent falling victim to fake alerts.
Additionally, individuals should avoid clicking on links in unexpected messages, as legitimate cloud services rarely send texts regarding photo deletion. Installing robust antivirus software can also provide an extra layer of protection by flagging dangerous links before they are opened.
For those concerned about their personal information being targeted, using a reputable data removal service can help scrub details from data broker sites, making it more difficult for scammers to send personalized messages. While no service can guarantee complete removal of data from the internet, these services actively monitor and erase personal information from various websites.
Users should also exercise caution when reviewing links, as scammers often use shortened URLs that may appear suspicious. Enabling multi-factor authentication (MFA) for cloud and payment accounts can add an additional layer of security in case login credentials are compromised.
Regularly reviewing financial statements is crucial, as attackers often start with small charges to test stolen cards before making larger purchases. Utilizing a password manager can help create strong, unique passwords, limiting the fallout if login information is exposed in a data breach.
Finally, users are encouraged to report scam texts by forwarding them to 7726 (SPAM), which assists carriers in blocking similar messages for all users.
This scam exploits the emotional vulnerability of individuals, particularly during times when they are capturing cherished moments on their devices. Scammers are adept at crafting messages that appear legitimate, making it essential for users to remain vigilant and verify any unexpected alerts directly through official channels.
For those who have encountered similar messages, sharing experiences can help raise awareness about these scams and protect others from falling victim.
Source: Original article