I wonder how often normally careful people fall for requests like this one I received early this morning:
Your mailbox has exceeded the storage limit of 10GB, which is as defined by the administrator, you are currently running on 10.9GB, you may not be able to send or receive new messages until you re-validate your mailbox . To re-validate your mailbox, send the following information below:
If you fail to re-validate your mailbox, the mailbox will be disabled!
thank you System Administrator
especially when all the header information is usually hidden by most email clients. Suspicious stuff like email routed from Brazil or Thailand which would be a red flag is normally not displayed.
Received: from localhost (localhost [127.0.0.1]) by email.hujm.ufmt.br (Postfix) with ESMTP id B1DF2389C0B; Sun, 24 Nov 2013 11:03:45 -0300 (AMST) Received: from email.hujm.ufmt.br ([127.0.0.1]) by localhost (email.hujm.ufmt.br [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hTusU-YxVjDd; Sun, 24 Nov 2013 11:03:45 -0300 (AMST) Received: from [18.104.22.168] (unknown [22.214.171.124]) by email.hujm.ufmt.br (Postfix) with ESMTPSA id B61E7389BF7; Sun, 24 Nov 2013 11:03:28 -0300 (AMST) Content-Type: text/plain; charset=”iso-8859-1″ MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Description: Mail message body Subject: ATTENTION To: Recipients email@example.com From: “System Administrator” firstname.lastname@example.org Date: Sun, 24 Nov 2013 09:03:19 -0500 Reply-To: email@example.com X-Mailer: TurboMailer 2 Return-receipt-to: firstname.lastname@example.org Message-Id: 20131124140329.B61E7389BF7@email.hujm.ufmt.br
I am the System Administrator for several domains, so I knew this mailbox limit was not accurate, but prior ISPs I’ve used did have a storage limit, and I did open this email almost by habit based on the subject line alone. If I was a less-savvy recipient, would I think it strange that my SysAdmin was asking for my user name and password? Maybe not.