A new scam is sweeping across smartphones and catching thousands of people off guard. Criminals are sending fake “Cloud Storage Full” or “photo deletion” alerts that claim your images and videos are about to disappear unless you upgrade your storage. The warning looks urgent and real. It even mimics major cloud services. But the moment you click the link, you enter a trap.

Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

How this fast-growing Cloud Storage Full scam tricks victims

Trend Micro researchers recently uncovered this fast-growing phishing campaign after seeing a massive jump in activity. The company reports a 531% month-over-month spike from September to October, which shows how quickly the scheme is spreading.

PROTECT YOUR DATA BEFORE HOLIDAY SHOPPING SCAMS STRIKE

Scammers are sending personalized SMS and iMessage alerts that include your name and a believable count of photos or videos. Once you tap the link, you land on a very convincing fake website that appears to be a cloud storage dashboard. From there, you are urged to pay a tiny $1.99 upgrade fee to prevent deletion. Instead of protecting anything, you hand over your credit card, PayPal login or other personal information.

Trend Micro provided several screenshots and internal samples that reveal how polished the scam has become. The fake sites use progress bars, countdown timers and warnings that your files will be lost. They even simulate a cloud storage layout to match the look of popular platforms. 

Jon Clay, VP of Threat Intelligence at Trend Micro, shared an important warning to CyberGuy:

“The recent spike in ‘Cloud Storage Full’ scams shows just how well cybercriminals are perfecting emotional manipulation. These scams prey on fear and urgency, warning users their photos will be deleted unless they pay a small upgrade fee. During a time of year when we may be capturing many precious moments on camera, scammers are targeting older adults who may think this type of scam message is legitimate and who may be worried and anxious about losing something that cannot easily replace. Consumers should always stay cautious of unsolicited messages and always verify alerts directly through official apps or websites.”

Trend Micro’s analysis outlines exactly how the scam works, from the initial message to the final theft. Their screenshots show fake dashboards, false warnings and pages asking for credit card or PayPal details. Some versions even redirect to legitimate sites later to cover their tracks.

How the Cloud Storage Full scam works

Scammers follow a predictable pattern with this scheme, and each stage reveals a clear red flag that can help you spot the danger early.

1) Initial contact

Victims receive an unsolicited SMS or iMessage that claims their photos or videos will be deleted soon. Messages include the person’s first name and fake counts like “1,675 images” or “2,010 snaps” to boost credibility. Scammers add statements like “Act now” or “Final warning” to trigger panic. Each message ends with a short link that leads to a malicious .info domain.

FAKE CHATGPT APPS ARE HIJACKING YOUR PHONE WITHOUT YOU KNOWING

2) Trust building

After tapping the link, the user arrives at a fake “Cloud Storage Full” website. It mirrors the fonts, icons and button styles of real cloud services. Users see alerts such as “Your photos, contacts and private data will be lost.” Everything looks polished to reduce suspicion.

3) The hook

The site claims your storage is completely full and urges a one-time upgrade for $1.99. A progress bar sits at 100 percent full and a countdown timer warns that data will vanish in minutes. The “Continue” button goes to a fake payment page.

4) The exit

Once victims enter credit card or PayPal details, scammers harvest the data instantly. Attackers may use stolen credentials for unauthorized purchases, credential stuffing or resale on dark web markets. Some victims receive fake receipt emails to make the charge look legitimate.

Trend Micro reports that certain scam sites later redirect to real pages like iolo.com to hide their tracks.

Red flags to watch for

• Urgent warnings that your photos will be deleted
• Unfamiliar links ending in .info
• Messages that include your name to appear credible
• Payment requests for tiny fees like $1.99
• Countdown timers meant to force quick decisions
• Sites that look familiar but have unusual URLs

Tips to stay safe from Cloud Storage Full scams

Scammers rely on fear and urgency to push quick decisions, but a few smart habits can shut down their tricks before they start.

1) Verify alerts inside the official app or website

Open your cloud storage app or go to the official website directly. If you see a real problem, it will appear there. This simple step prevents you from reacting to fake warnings.

GHOST-TAPPING SCAM TARGETS TAP-TO-PAY USERS

2) Never tap storage alerts sent through SMS or iMessage, and use strong antivirus software

Break the habit of tapping links in messages. Real cloud services rarely text users about photo deletion. A strong antivirus tool will flag dangerous links before they open.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

3) Use a data removal service

Consider using a reputable data removal service to scrub your personal details from data broker sites. This step makes it harder for scammers to target you with personalized messages that look real.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

4) Watch for strange links

Look closely at every link. Scammers rely on short domains that look suspicious. Legitimate companies avoid shortened URLs and unknown domains.

5) Use multi-factor authentication

Turn on multi-factor authentication (MFA) for all cloud and payment accounts. It adds a powerful layer of protection if criminals steal your login.

6) Check your credit card for small test charges

Review your statements often. Attackers start with tiny charges to test a card before making bigger purchases.

GEEK SQUAD SCAM EMAIL: HOW TO SPOT AND STOP IT

7) Use a password manager

A good password manager helps you create strong, unique passwords. It limits the fallout if your login appears in a data breach.

Next, see if your email has been exposed in past breaches. Our #1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

8) Report suspicious messages

Forward scam texts to 7726 (SPAM). This helps carriers block similar messages for everyone.

Kurt’s key takeaways

This scam spreads because it hits people where they are most vulnerable. Our phones store personal memories, family events and moments we never want to lose. Scammers know this and are now creating messages that look real enough to fool even the most cautious users. Emotional triggers like fear and urgency remain powerful tools for cybercriminals. Always question surprise warnings about data loss. When in doubt, check your account directly through the official app or website. A few seconds of verification can save you from credit card theft and identity headaches.

Have you ever received a message like this, and how did you handle it? Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 

Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

Copyright 2025 CyberGuy.com. All rights reserved.