Your mailbox has exceeded the storage limit is 1 GB, which is defined by the administrator, are running at 99.8 gigabytes, you can not send or receive new messages until you re-validate your mailbox.
To renew the mailbox,
CONFIRM (Links yo a page on docs.google.com)
Web mail system administrator!
WARNING! Protect your privacy. Logout when you are done and completely
exit your browser.
[End of Message]
This is the message that some fraudsters now send out to get username and password of Yahoomail users. They tell you that your inbox is full and ask you to click the CONFIRM link in the message to get more space. This is a ploy to get your Yahoomail login details.
Once you click that confirm link, you get taken to a google doc form asking you to input your username, password and country (check screenshot below). People complain that their email accounts have been hacked but often, they are not cases of hacking. They were just not vigilant enough.
If you have ever gotten an email like the one above, then someone has tried to get your email credentials and it if you have not supplied your username and password, you are safe. If you have confirmed it to them, you may want to quickly change your password while you still have access to your email.
How do you know these emails are not from Yahoo!?
There are always dead giveaways in their messages and if only people could be patient enough to check out some of these things, nobody would fall their victim.
1. Move your cursor of the sender name and the email address will show to you. In my case, the sender’s name was “Mail Server”. When I moved my cursor over it, the email address that showed up was email@example.com. This is surely not from Yahoo!
2. Move your cursor over the CONFIRM link or any other link they ask you to click and you would see that the embedded URL is not a Yahoo page. In my case, the link points to https://docs.google.com/forms/d/12XAbt0sH5OF2dBZ4JU659fMQrC8PxVFSdndJgtp2rZI/viewform. This is definitely not Google.
These first and second tips might not be very obvious if you are opening your Yahoomail on mobile phone but once you suspect something fishy (on old phones especially), you might want to open on a PC.
3. Know what your typical email message looks like, the footer especially. I checked the message on my Samsung Galaxy Note 10.1, which I have removed the “Sent from my Samsung Galaxy Tab” footer message from. I know how the footer of my messages look like.
A message from the real Yahoo would have their address and other relevant information after the body of text. This message I got did not have such and it came with a footer message to give me the impression that the message is safe.
The footer has Avast Antivirus logo (obviously added by the fraudsters) and the following message – “This email is free from viruses and malware because avast! Antivirus protection is active.”
I checked my other messages, nothing like the Avast footer there. In fact, I don’t have Avast Antivirus on my Tab.
4. Finally, if you have the mind to open that email and observe closely, you would notice the page is not Yahoo’s. Scroll to the bottom and you would see the “Powered by Google Forms” in the footer.
Most of the times, they don’t hack our email accounts, we just give them all the information they need on a platter of Gold. They change your password and lock you out. Your email can now be used to perpetrate every form of evil.
They will also gain access to vital information that only you should have access to. Examples of such are confirmation emails of your accounts on other sites, containing your username and password.
I have not seen this on Gmail yet. It seems only Yahoo mail is targeted at the moment. Gmail users should be vigilant.