In what seems like a real email message, users are prompted to upgrade storage within 24 hours, otherwise their emails account will be suspended. However, clicking on the link provided leads users to an “http” page, where they're asked to provide login information, according to a Comodo Threat Research Labs DEFEND post.
“Now, if you are observant, you might notice that you're still not logged in and that your account, in fact, hasn't been upgraded,” researchers wrote. “To most this would be annoying that you have to login again, but in reality the scam has already been completed and probably 97% of your fellow victims are none the wiser. Once you clicked on the “Log In” button, anything in the username and password boxes was transmitted to the scammer.”