A global phishing campaign is sending repeated cloud-storage scam emails that falsely warn recipients their photos, files, and backups will be deleted due to alleged payment failures. The emails use storage.googleapis.com redirectors to lead victims to impersonation pages that push unrelated affiliate products and collect payment details, so users should delete suspicious messages and verify billing only through official provider sites or apps. #GoogleCloud #GoogleDrive
Keypoints
- Attackers send large volumes of urgent-looking cloud storage payment-failure emails worldwide.
- Senders use randomized domains and personalized subject lines with names, dates, and IDs to appear legitimate.
- All messages include links to storage.googleapis.com redirectors that forward victims to phishing pages.
- Phishing pages impersonate cloud portals, offer fake discounted upgrades, and redirect to affiliate checkout forms to harvest cards.
- Users should delete these emails, avoid clicking links, and check account billing only via official apps or websites.