I received an email the other day. It looked like a classic phishing attack, except there was no link to fix the problem…
Your account is in violation of our terms of service
Hello. This is ************* from SpiderOak’s support team. I’m writing to inform you that your account is in violation of our Terms of Service immediate action is needed on your part.
Because of the amount of data stored in your account or the type of data you are storing, your account is negatively affecting the accounts of other SpiderOak users. Because of this it will be necessary to close your current account.
We realize this is sudden and we want to do what we can to help you.
We have two options to offer to help you move forward:
1. A 5 TB account at the same price as your existing account. If you choose this option a member of our support team will help you set up a new account, transfer your billing information, and place the new account on a 5 TB plan at the correct price.
2. Cancellation and a full refund of your most recent payment. If you choose this option our support team will set up a refund as soon as we hear from you.
If we don’t hear from you by the end of this week we will lock your account while retaining your data for a grace period of 14 days. At the end of the grace period if we still have not heard back from you your account will be canceled.
You can contact us by replying to this email, or by writing to email@example.com. Please contact us as soon as possible so we can help you move to one of the options I mentioned.
The first thing I did was check my account directly and then replied with this…
Hello ************* and support
To check this isn’t a phishing attack can you tell me the name of the device and how much data is currently stored?
I’m keen to resolve this but it strikes as a phishing attack.
It felt like a phishing attack and since I have seen a bunch of new data dumps, you could hardly blame me.
But once I could verify everything I suggested removing some of my older computer backups after seeing this. This fell on deaf ears.
Unfortunately that isn’t an option. Your account has been using excessive resources, which has caused issues for a number of other users on the same server cluster as you. Because of the No Knowledge nature of our product we can’t tell you exactly what is causing the issue. I’m sorry that I don’t have more details for you.
The two options I can offer you are moving to a new 5 TB account (at your current payment price, normally it is a $320 / year plan) or cancellation and a refund. You won’t be able to keep your current account.
Note in option 1, if I pay more money I could still upload the same files to Spideroak!!! Something is fishy here. Either theres a problem with my files or not. I get the zero-knowledge issue but something doesn’t add up.
Frankly I’m pretty peed off about this all. I’m not the only one either, a few searches later I found others who have had similar emails.
Spideroak a while ago stopped their unlimited option and it feels like this the nail in the coffin by removing all the unlimited users?!
I guess its been a good but I have been thinking about switching since Spideroak is American based, the change to the warranty canary and finally something which has always bugged me – No two factor auth!
Suggestions for places to store my backup data which is also zero-knowledge or I could client side encrypt it before uploading if needed.