Even the Chief Justice Can’t Save You from Bad Email Hygiene

How Self-Storage Operators Can Spot and Stop Phishing Scams

It started with an email from “Chief Justice John Roberts.” Apparently, I was about to lose a $200 million inheritance unless I paid a $500 fee. The message was riddled with typos, emotional manipulation, and name-drops like Jamie Dimon and the Supreme Court — a scam so outrageous it bordered on satire.

But here’s the catch: not all phishing emails are this laughable. Many are subtle, professional-looking, and designed to exploit trust. In the self-storage industry, where operators handle sensitive customer data, payment systems, and remote access tools, one click on a malicious link can lead to ransomware, data breaches, or financial loss.

Why Self-Storage Is a Growing Target

Self-storage facilities are increasingly digitized — smart locks, online reservations, automated billing, and cloud-based surveillance. That convenience comes with risk. Cybercriminals know that many operators lack dedicated IT teams, making them prime targets for low-effort, high-reward attacks.

Anatomy of a Phishing Scam

Phishing emails often use:

• Authority figures (e.g., bank CEOs, government officials) to create urgency.
• Emotional triggers like fear, greed, or guilt.
• Spoofed domains that mimic real companies.
• Urgent calls to action (“Click here to verify,” “Pay now to avoid suspension”).

Even seasoned professionals can be fooled — especially when multitasking or under pressure.

5 Ways to Strengthen Your Defenses

1. Train Your Team
   Run quarterly phishing simulations. Teach staff to spot red flags like misspellings, strange sender addresses, and unexpected attachments.

2. Use Multi-Factor Authentication (MFA)
   Require MFA for email, billing platforms, and remote access tools. It’s one of the simplest ways to block unauthorized logins.

3. Segment Your Network
   Keep customer data, surveillance systems, and employee workstations on separate networks. If one is breached, the others stay protected.

4. Update Software Religiously
   Outdated systems are low-hanging fruit for attackers. Enable automatic updates wherever possible.

5. Have a Response Plan
   If someone clicks a malicious link, what happens next? Define your incident response steps — from isolating devices to notifying affected customers.

Final Thought: Humor Can Be a Warning Sign

That “Chief Justice” email was laughable — but it’s also a reminder. The absurd ones are easy to spot. The real threats are the quiet ones that look like invoices, password resets, or vendor updates.

Cybersecurity isn’t just an IT issue. It’s a business continuity issue. And in self-storage, where trust and access are everything, protecting your digital front door is just as important as securing the physical one.