Connect with us

Technology

Cloud Storage Full scam steals your photos and money

Published

on

Cloud Storage Full scam steals your photos and money

NEWYou can now listen to Fox News articles!

A new scam is sweeping across smartphones and catching thousands of people off guard. Criminals are sending fake “Cloud Storage Full” or “photo deletion” alerts that claim your images and videos are about to disappear unless you upgrade your storage. The warning looks urgent and real. It even mimics major cloud services. But the moment you click the link, you enter a trap.

Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

How this fast-growing Cloud Storage Full scam tricks victims

Trend Micro researchers recently uncovered this fast-growing phishing campaign after seeing a massive jump in activity. The company reports a 531% month-over-month spike from September to October, which shows how quickly the scheme is spreading.

PROTECT YOUR DATA BEFORE HOLIDAY SHOPPING SCAMS STRIKE

Advertisement

Scammers use convincing storage alerts and fake dashboards to push victims into paying small fees that expose their credit card details. (Pixelfit/Getty Images)

Scammers are sending personalized SMS and iMessage alerts that include your name and a believable count of photos or videos. Once you tap the link, you land on a very convincing fake website that appears to be a cloud storage dashboard. From there, you are urged to pay a tiny $1.99 upgrade fee to prevent deletion. Instead of protecting anything, you hand over your credit card, PayPal login or other personal information.

Trend Micro provided several screenshots and internal samples that reveal how polished the scam has become. The fake sites use progress bars, countdown timers and warnings that your files will be lost. They even simulate a cloud storage layout to match the look of popular platforms. 

Jon Clay, VP of Threat Intelligence at Trend Micro, shared an important warning to CyberGuy:

“The recent spike in ‘Cloud Storage Full’ scams shows just how well cybercriminals are perfecting emotional manipulation. These scams prey on fear and urgency, warning users their photos will be deleted unless they pay a small upgrade fee. During a time of year when we may be capturing many precious moments on camera, scammers are targeting older adults who may think this type of scam message is legitimate and who may be worried and anxious about losing something that cannot easily replace. Consumers should always stay cautious of unsolicited messages and always verify alerts directly through official apps or websites.”

Advertisement

Trend Micro’s analysis outlines exactly how the scam works, from the initial message to the final theft. Their screenshots show fake dashboards, false warnings and pages asking for credit card or PayPal details. Some versions even redirect to legitimate sites later to cover their tracks.

How the Cloud Storage Full scam works

Scammers follow a predictable pattern with this scheme, and each stage reveals a clear red flag that can help you spot the danger early.

1) Initial contact

Victims receive an unsolicited SMS or iMessage that claims their photos or videos will be deleted soon. Messages include the person’s first name and fake counts like “1,675 images” or “2,010 snaps” to boost credibility. Scammers add statements like “Act now” or “Final warning” to trigger panic. Each message ends with a short link that leads to a malicious .info domain.

FAKE CHATGPT APPS ARE HIJACKING YOUR PHONE WITHOUT YOU KNOWING

2) Trust building

After tapping the link, the user arrives at a fake “Cloud Storage Full” website. It mirrors the fonts, icons and button styles of real cloud services. Users see alerts such as “Your photos, contacts and private data will be lost.” Everything looks polished to reduce suspicion.

Advertisement

3) The hook

The site claims your storage is completely full and urges a one-time upgrade for $1.99. A progress bar sits at 100 percent full and a countdown timer warns that data will vanish in minutes. The “Continue” button goes to a fake payment page.

4) The exit

Once victims enter credit card or PayPal details, scammers harvest the data instantly. Attackers may use stolen credentials for unauthorized purchases, credential stuffing or resale on dark web markets. Some victims receive fake receipt emails to make the charge look legitimate.

Trend Micro reports that certain scam sites later redirect to real pages like iolo.com to hide their tracks.

Scammers use fake dashboards and alerts to push victims to share payment info. (Kurt “CyberGuy” Knutsson)

Red flags to watch for

  • Urgent warnings that your photos will be deleted
  • Unfamiliar links ending in .info
  • Messages that include your name to appear credible
  • Payment requests for tiny fees like $1.99
  • Countdown timers meant to force quick decisions
  • Sites that look familiar but have unusual URLs

Tips to stay safe from Cloud Storage Full scams

Scammers rely on fear and urgency to push quick decisions, but a few smart habits can shut down their tricks before they start.

1) Verify alerts inside the official app or website

Open your cloud storage app or go to the official website directly. If you see a real problem, it will appear there. This simple step prevents you from reacting to fake warnings.

Advertisement

GHOST-TAPPING SCAM TARGETS TAP-TO-PAY USERS

2) Never tap storage alerts sent through SMS or iMessage, and use strong antivirus software

Break the habit of tapping links in messages. Real cloud services rarely text users about photo deletion. A strong antivirus tool will flag dangerous links before they open.

The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

3) Use a data removal service

Consider using a reputable data removal service to scrub your personal details from data broker sites. This step makes it harder for scammers to target you with personalized messages that look real.

Advertisement

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

4) Watch for strange links

Look closely at every link. Scammers rely on short domains that look suspicious. Legitimate companies avoid shortened URLs and unknown domains.

5) Use multi-factor authentication

Turn on multi-factor authentication (MFA) for all cloud and payment accounts. It adds a powerful layer of protection if criminals steal your login.

Advertisement

6) Check your credit card for small test charges

Review your statements often. Attackers start with tiny charges to test a card before making bigger purchases.

GEEK SQUAD SCAM EMAIL: HOW TO SPOT AND STOP IT

7) Use a password manager

A good password manager helps you create strong, unique passwords. It limits the fallout if your login appears in a data breach.

Next, see if your email has been exposed in past breaches. Our #1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

These fake storage warnings mimic real cloud services and pressure users to upgrade for $1.99. Once you enter payment info, scammers steal it instantly. (uchar/Getty Images)

Advertisement

Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

8) Report suspicious messages

Forward scam texts to 7726 (SPAM). This helps carriers block similar messages for everyone.

Kurt’s key takeaways

This scam spreads because it hits people where they are most vulnerable. Our phones store personal memories, family events and moments we never want to lose. Scammers know this and are now creating messages that look real enough to fool even the most cautious users. Emotional triggers like fear and urgency remain powerful tools for cybercriminals. Always question surprise warnings about data loss. When in doubt, check your account directly through the official app or website. A few seconds of verification can save you from credit card theft and identity headaches.

Have you ever received a message like this, and how did you handle it? Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Advertisement

Sign up for my FREE CyberGuy Report 

Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter

Copyright 2025 CyberGuy.com. All rights reserved.

Technology

Apple’s plot to crush OpenAI

Published

on

Apple’s plot to crush OpenAI

Apple is suing OpenAI. The complaint is readable and intense, as these things often are, though many experts seem to think many of the allegations are just the ways things are done. So what does Apple really want here, and why is it picking such a public fight with OpenAI?

On this episode of The Vergecast, Nilay and David go through the lawsuit, and look at Apple’s history of splashy litigation to determine whether Apple is worried about a possible competitor or simply looking to capitalize on a weak moment for OpenAI. All this is happening as Apple ships the public betas of its new software, headlined by the new Siri AI, and we have thoughts about what it all means — and whether the new Siri is actually any good.

Continue Reading

Technology

New bank scam laws could stop suspicious payments

Published

on

New bank scam laws could stop suspicious payments

NEWYou can now listen to Fox News articles!

Your phone rings, and the caller says your bank account is under attack. To protect your savings, you must move the money right now. The caller sounds calm. The instructions feel official. However, the “safe account” belongs to a scammer. That pressure can turn years of savings into an irreversible transfer. Georgia now gives some banks and credit unions another chance to interrupt the payment before the money leaves.

House Bill 945 took effect July 1, 2026. The law lets financial institutions pause certain transactions when they reasonably suspect financial exploitation. It protects adults age 65 or older. It also covers adults with qualifying physical or mental incapacities, Alzheimer’s disease or dementia. The idea sounds simple. Yet the details matter because your bank’s power may depend on your state, your account and the institution’s own policy.

YOUR FAMILY COULD BE ONE PHONE CALL FROM A BANK SCAM

Free live CyberGuy class: Sick of Spam? Join us July 22.

Advertisement

Join us Wednesday, July 22, at 1 PM ET for a free CyberGuy Live class that will help you cut down on robocalls, spam texts, junk email and other unwanted messages. Kurt “CyberGuy” Knutsson will walk you step by step through simple ways to filter spam, clean up your inbox and recognize the messages that could put your personal information at risk. No technical experience is needed. You’ll also receive our spam-stopping checklist, and every registrant will get a link to the class recording afterward.

Reserve your free spot today at CyberGuyLive.com.

Georgia’s new bank scam law lets financial institutions pause certain suspicious transactions involving older or vulnerable adults. (Getty)

Georgia’s new bank scam law can pause a suspicious payment

Under Georgia’s law, a financial institution may place a hold on a transaction linked to suspected exploitation. The law can cover an eligible adult’s account or an account where that adult is a beneficiary. It can also reach an account belonging to someone suspected of carrying out the exploitation. That last provision gives the law extra reach. In practice, it could help when suspicious money arrives in another customer’s account. The institution may have room to stop the payment from moving farther when the facts support concern.

However, the law gives banks discretion. It says a financial institution may place the hold, but it does not require one. Therefore, a worried teller or fraud analyst still has to notice the warning signs and act. The law also focuses on the suspicious transaction. It does not automatically shut down every payment or withdrawal connected to the account.

Advertisement

A possible 30-day delay comes with limits

A Georgia hold initially expires after 15 business days. The bank may add up to 15 more business days if its review still supports the exploitation concern. A court may shorten or extend that period. The bank must notify authorized account parties and any trusted contact within three business days. It can skip someone it reasonably suspects of taking part in the exploitation. The institution must also begin reviewing the facts behind its decision.

Before using this power, the institution must train the employees involved. It also needs written procedures for reviewing suspected exploitation. The law gives institutions liability protection when they act in good faith and use reasonable care.

A trusted contact can help without controlling your money

Georgia’s law also allows an eligible adult to name a trusted contact for an account. That person could be a relative, friend or another adult the account owner trusts. The bank may contact that person when it suspects exploitation. It may also ask for help confirming contact information, health status or the identity of someone holding power of attorney. In some cases, the institution may share only that it suspects exploitation.

A trusted contact does not automatically gain access to your balance. The role also does not grant authority to move your money or make decisions for you. Federal regulators describe the contact as a backup person whom the institution can alert when something looks wrong.

Which states let banks pause suspected scam payments?

Georgia is part of a much larger shift. As of today, at least 33 states have enacted laws that let banks, credit unions or other covered financial institutions delay certain transactions when they suspect financial exploitation.

Advertisement

The FTC’s most recent nationwide chart identified 24 states with these laws.

However, the agency warned that its chart was only a snapshot and advised readers to check current state statutes.

However, the agency warned that its chart was only a snapshot and advised readers to check current state statutes. Since that report, nine additional states have enacted protections.

These 33 states have enacted transaction-hold protections

The states are:

  • Alabama, Arkansas, Colorado, Connecticut, Delaware, Florida, Georgia and Idaho
  • Kentucky, Louisiana, Maine, Maryland, Michigan, Minnesota, Mississippi and Montana
  • Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Oklahoma, Oregon and Rhode Island
  • South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington and Wyoming

The laws do not give every bank the same power. Some let an institution pause a payment on its own. Others require a report to law enforcement or adult protective services. The protected age can also vary, while several states include younger adults with qualifying disabilities. Hold periods differ even more. A delay may last only a few business days in one state. Elsewhere, an investigation or court order can keep the payment on hold much longer.

HOW FLORIDA RETIREE LOST $200K IN FAKE PAYPAL REFUND SCAM

Advertisement

Scammers often pressure victims to move money quickly, while transaction-hold laws aim to create time for review. (Photo by Nikolas Kokovlis/NurPhoto via Getty Images)

Nine states have joined the list since the FTC’s last review

Here is what the newer state laws do.

Colorado

Colorado’s HB 26-1110 created the Adults’ Security and Safeguards from Exploitation in Transactions Act, known as the ASSET Act. It lets a bank or credit union delay a disbursement when it reasonably believes a vulnerable adult faces financial exploitation. The institution must notify law enforcement or adult protective services. A decision generally must be made within 90 days. That period can reach 180 days when an agency investigation remains underway. The law takes effect August 12, 2026.

Georgia

Advertisement

Georgia’s HB 945 lets a financial institution place a hold on a suspicious transaction involving an eligible adult. The law also reaches accounts where the adult is a beneficiary. In some cases, it can cover an account belonging to the suspected perpetrator. The initial hold lasts up to 15 business days. A bank may extend it for another 15 business days when its review continues to support the concern. The law also includes trusted contacts, employee training and written notice requirements.

Idaho

Idaho enacted HB 182, known as the Report and Hold law, in 2025. It covers a broad range of financial businesses, including banks, credit unions, lenders, money transmitters and investment firms. Covered professionals may temporarily pause suspicious transactions and report suspected exploitation. The law also gives them liability protection when they act in good faith.

Maine

Maine’s 2025 law covers adults age 65 or older and people protected by the state’s Adult Protective Services Act. A bank or credit union may delay a disbursement when it reasonably believes the payment could result in exploitation. The institution must notify the Maine attorney general within two business days. The hold generally ends within 15 business days unless a court extends it. Customers may also be able to designate a trusted contact.

Advertisement

Maryland

Maryland’s Vulnerable Adult Banking Protection Act covers residents age 65 or older and vulnerable adults who cannot provide for their daily needs. A financial institution may delay or deny a suspicious disbursement. An initial delay can last 15 business days. The institution or an investigating agency can extend it for up to 25 business days from the original request date. The law takes effect October 1, 2026.

North Carolina

North Carolina’s SB 595 gives financial institutions broad authority to delay or refuse transactions involving suspected exploitation of older or disabled adults. The law covers withdrawals, transfers and some requested account changes. An initial delay can last up to 30 business days. The institution may extend it for another 30 business days if it continues to believe exploitation is occurring. Banks may also alert a trusted contact.

Oklahoma

Advertisement

Oklahoma’s SB 2067 requires financial institution employees to report suspicious activity internally and notify an appropriate agency. Banks and credit unions may place a temporary hold on a reported account. They can also contact someone previously designated by the account holder. The law takes effect November 1, 2026.

South Dakota

South Dakota’s HB 1238 lets a financial institution delay or refuse certain transactions when it reasonably believes exploitation may have occurred or is being attempted. The law protects senior and vulnerable adults. It also covers a consenting adult who asks the institution to take protective action.

Vermont

Vermont’s Act 106 lets covered financial institutions delay a transaction when they reasonably believe a customer faces financial exploitation. The initial delay can last 15 business days. The institution may add another 15 days when it believes the exploitation may continue. Vermont approved the law on May 20, 2026.

Advertisement

Why bank scam protections vary by state

The federal Senior Safe Act encourages financial professionals to report suspected exploitation. It also offers liability protection to covered institutions and trained employees who make qualifying reports. However, the law does not create one nationwide transaction-hold rule for checking and savings accounts. Investment accounts follow a different framework. FINRA Rule 2165 lets a brokerage firm temporarily hold certain disbursements or securities transactions when it reasonably believes an eligible adult faces financial exploitation.

The rule generally covers adults age 65 or older along with some younger adults who have qualifying impairments. As a result, a brokerage firm may have national regulatory authority to pause a suspicious request. A bank handling your checking account may depend more heavily on the law in your state.

A state law still cannot guarantee your payment will stop

Most state laws give a bank permission to act rather than requiring it to block every suspicious payment. The institution still needs to recognize the warning signs and have enough information to reasonably suspect exploitation. Your protection may depend on your age, the account involved and where you live. Your bank’s internal policies and employee training also play a role. Even in a state with a transaction-hold law, a payment may go through before anyone realizes a scam is underway.

Scammers know speed works in their favor

CyberGuy has reported on grandparent scams that use urgent calls, stolen details and AI-cloned voices. We have also covered crypto kiosk scamswhere frightened victims followed a caller’s instructions while the money moved beyond easy recovery. Georgia also used HB 945 to add safeguards for virtual currency kiosks, another payment method scammers use to move money quickly.

In both cases, the scammer wants to keep you isolated. They may warn you not to call your family or bank. They might claim that an employee is part of the investigation. A transaction hold attacks that pressure tactic. It adds time, which gives someone a chance to ask a basic question: Does this story make sense? Of course, no law will catch every scam. A payment can move through a different state, another financial service or a crypto wallet. Also, a bank may miss the warning signs or choose not to place a hold.

Advertisement

THE GIFT THAT PROTECTS YOUR DAD FROM SCAMMERS

House Bill 945 took effect July 1, 2026, giving Georgia banks more authority to delay payments tied to suspected exploitation. (Kurt “CyberGuy” Knutsson)

Do these bank scam transaction hold laws work?

An ABA Foundation survey commissioned from 158 banks offers an early view. Half of the responding banks in states with hold laws said they had used the authority to delay, refuse or hold transactions. Nearly 90% of respondents in states without such laws supported adopting them. The survey reflects the banking industry’s experience rather than a nationwide independent study. Even so, it shows that banks see value in having time to investigate.

That time can also create a difficult balance. Banks need enough authority to stop a devastating payment. Yet they must avoid blocking legitimate transactions based on age alone. Georgia tries to address that concern with a reasonable-cause standard. It also requires notice, employee training and an internal review. Whether the law succeeds will depend on how institutions use those tools.

How to protect your money from bank scams

You should not assume your bank can reverse a scam payment. You also cannot count on it pausing every suspicious transaction. The safest approach is to put protections in place before an urgent call, text or email catches you off guard.

Advertisement

1) Ask your bank about trusted contacts and transaction holds

Call your bank’s fraud department and ask whether you can add a trusted contact to your account. Then ask what the bank does when an employee suspects financial exploitation. You should also find out whether your state allows the bank to delay a suspicious transaction. The answer may differ between your checking account and your brokerage account.

2) Turn on instant alerts for account activity

Enable notifications for withdrawals, transfers and card purchases. Choose the lowest available dollar threshold so you hear about unusual activity quickly. Also review your bank’s daily transfer and wire limits. Lower limits can make it harder for a scammer to move a large amount of money in one transaction.

3) Make sure your trusted contact understands the role

Choose someone who will answer quickly and question an unusual request. Make sure that person knows your bank may call if something appears wrong. A trusted contact does not automatically gain access to your money. The role gives your bank another way to reach someone you trust during a possible emergency.

4) Create a family code word for emergencies

Choose a private word or phrase that family members can use to verify a real emergency. If someone calls claiming a loved one needs money, ask for the code word. Then hang up and contact your relative through a phone number you already have. Never call a number provided by the person demanding payment.

5) Never transfer money to a so-called safe account

A bank, government agency or law enforcement officer will not tell you to protect your savings by transferring them to another account. Scammers often use the phrase “safe account” to make a fraudulent transfer sound official. Do not send money through a wire transfer, cryptocurrency kiosk or payment app while someone is pressuring you to act immediately. End the conversation and call your bank using the number on the back of your card or its official website.

Advertisement

6) Use strong security software on your devices

Strong antivirus software can help detect malicious links, fake websites and downloads that scammers use to steal financial information. Keep the software updated on your phone and computer. Security software cannot stop every phone scam. However, it can block some of the digital tools criminals use before they reach your bank account. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

7) Reduce the personal information scammers can use

Scammers may pull your age, relatives’ names, phone number and address from data broker and people-search websites. They can use those details to make a fake emergency sound convincing. A data removal service can help reduce how much personal information appears on these sites. It cannot remove every record from the internet, but it can make it harder for criminals to build a detailed profile around you or your family. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

8) Act quickly if money starts moving

Call your bank’s fraud department as soon as you suspect a scam. Ask the institution to stop, recall or flag the transaction. Change your online banking password from a trusted device and review recent account activity. If you shared login details, ask the bank whether it should lock online access or issue new account numbers. Next, report the incident to local law enforcement and the appropriate fraud agency. For suspected elder financial abuse, you can also contact Adult Protective Services in your state.

Kurt’s key takeaways

Georgia’s new law gives financial institutions explicit authority to pause certain transactions when they suspect financial exploitation. However, the hold remains optional, and the protection applies only in qualifying situations. The issue reaches far beyond Georgia. At least 33 states have enacted some form of transaction-hold authority for banks or credit unions, although several newer laws have later effective dates. The protections still vary, so your state and financial institution can shape what happens during the most urgent minutes of a scam. Add a trusted contact where available. Talk with your family about how to verify an emergency and learn how your bank handles suspicious payments. A five-minute conversation today could create the pause that saves someone’s life savings later.

Should a bank have the power to delay your payment when it believes a scammer is directing you, even if you insist the transfer is legitimate? Let us know by writing to us at CyberGuy.com.

Advertisement

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

  • Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
  • For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com trusted by millions who watch CyberGuy on TV daily.
  • Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Advertisement
Continue Reading

Technology

Fortnite is getting a bunch of AI-powered ‘personas’

Published

on

Fortnite is getting a bunch of AI-powered ‘personas’

Get ready for more AI characters in Fortnite. Developer Epic Games is going to let Fortnite creators publish experiences featuring characters with AI-powered voices starting on July 30th, and ahead of that launch, it’s created 36 characters with “consistent voices and personas” that creators can use as NPCs. The characters include Fortnite staples like Agent Jonesy, Peely (the banana), Fishstick (a walking fish), and Cuddle Team Leader (who wears a pink bear mascot head).

Epic tested the waters of AI characters with last year’s Darth Vader NPC that was powered by James Earl Jones’ voice — a collaboration that Jones’ estate signed off on. Even though players quickly got Vader to swear, something Epic fixed quickly, the company announced shortly after debuting Vader that Fortnite creators would be able to make AI-powered characters of their own.

The voices for these new personas rely on “performances captured from independent professional actors specifically for use in developer-made islands,” Epic says. “The actors agreed to have their performances used to develop voice models that create the spoken responses for these LLM-powered Fortnite characters.”

Down the line, it sounds like Epic wants to make characters featuring voices from the well-known actors that have appeared in the Fortnite universe, but it will have to secure the right approvals to do so. “Our next step is to work with the relevant guilds and character voice actors who have previously worked on Fortnite Battle Royale to explore opportunities to make their original voices available across the Fortnite ecosystem,” the company says.

Continue Reading
Advertisement

Trending