A new phishing scam is targeting Dropbox users. Over the past couple of weeks, our service desk has received many calls about it. The scam targets both businesses and individuals. Here is how the latest Dropbox phishing scam works and how to stay safe.
How It Works
You receive an email from Dropbox asking you to open a file or click a link to view a folder. It appears to come from a person or business you know, with a subject like “A File Was Shared With You Via Dropbox.” The email looks legitimate, using Dropbox’s URL, logo and style, but the link ultimately leads to a fake Dropbox login page controlled by the attacker.
The email often includes a link to a document named “2024_Q3 Financial Plan Approval File-47863.pdf” or “Updated Photos shared,” creating a sense of urgency to click. It claims to have been sent because you have a Dropbox account, which makes it seem real. It is, however, a phishing attempt designed to steal your login details.
If you click the link or open the attachment, you may be compromised immediately: the page can try to install malware, or it prompts you to log in, and the credentials you type go to the attacker and expose you to further attacks.
This is an example of an email one of our clients received.

If you click “View on Dropbox,” you are taken to a genuine Dropbox URL; the content behind it, however, is controlled by the criminal, and the login form it leads to sends your credentials to them, not to Dropbox. Once you follow the link, you see a page like this.

If you enter your credentials, the attacker can sign in as you and has full access to your account and everything stored in it.
What Scammers Do with Your Info Once They Have It
- More Phishing Attacks: They can use your stolen info to send fake emails to your contacts, tricking them into giving up more sensitive information or clicking on harmful links.
- Identity Theft: With your email and password, scammers can pretend to be you and commit identity theft.
- Unauthorized Access: They can get into your email and other online accounts, possibly using this access for financial fraud or to steal personal information.
- Credential Stuffing: If you use the same password on multiple sites, scammers can try to log into those accounts, too.
Bypassing Multifactor Authentication (MFA)
This scam is dangerous because it can get around multifactor authentication (MFA). The attackers use real Dropbox tools to deliver the lure, then trick you into downloading malware or handing over your login details. Keep in mind what MFA does and does not cover: it stops someone who has only your password, but it does not help if you type your code or approve the prompt on the attacker’s page, or if the link installs malware on your machine.
How to Protect Yourself from this Dropbox Scam
- Check the Sender: Confirm the email really came from Dropbox, and confirm with the person who supposedly shared the file, through a channel you already use (a phone call or your usual chat), that they actually sent it. Do not reply to the email to ask.
- Hover Over Links: Before clicking, hover over the link to see where it really goes. If the destination is not a domain you recognise, don’t click. Before entering a password, check the address bar too: the login page should be on dropbox.com.
- Report It: If anything feels off, report the email to your IT team.
- Delete the email without clicking anything in it.
- Use MFA: Even though this scam can get around MFA, it still stops most attacks. Where possible, prefer phishing-resistant methods such as security keys or passkeys over one-time codes.
- Use Security Software: Keep your computer’s security software up to date.
- Stay Informed: Learn about the latest phishing scams and how to spot them.
- If your company uses a service like KnowBe4, you can click “Phishing Alert Report” in Outlook (if enabled – see picture below).
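As an added illustration (this code is not from the original post and is not a Dropbox tool), the Python script below applies the sender and link checks from the list above to a constructed sample of the share email, and exposes the address-bar check as a function you can run on any login page URL. The DROPBOX_HOSTS allowlist and the sample message, including its addresses, headers and URLs, are assumptions made for the example.

```python
"""Added example: flag suspicious links in a Dropbox-style share email and
sanity-check a login page hostname before credentials are typed into it.
The allowlist and the sample message below are constructed for illustration."""
from email import policy
from email.parser import BytesParser
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosts treated as genuinely Dropbox. This allowlist is an assumption for the
# example; adjust it to what your organisation considers trusted.
DROPBOX_HOSTS = ("dropbox.com", "dropboxusercontent.com")


def is_dropbox_host(hostname):
    """True only if hostname is one of DROPBOX_HOSTS or a subdomain of one.

    Lookalikes such as 'dropbox.com.secure-login.example.net' (the real
    domain appears only as a prefix) and 'dropb0x.com' return False.
    """
    if not hostname:
        return False
    hostname = hostname.lower().rstrip(".")
    return any(hostname == h or hostname.endswith("." + h) for h in DROPBOX_HOSTS)


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join(self._text).strip()))
            self._href = None


def analyse_eml(raw_bytes):
    """Return a list of findings for a raw RFC 5322 message given as bytes.

    Two checks are applied: the Authentication-Results header must show
    both SPF and DKIM passing, and every link that mentions Dropbox in its
    text or URL must actually resolve to a Dropbox host.
    """
    msg = BytesParser(policy=policy.default).parsebytes(raw_bytes)
    findings = []

    auth = (msg.get("Authentication-Results") or "").lower()
    if "spf=pass" not in auth or "dkim=pass" not in auth:
        findings.append("authentication: SPF and DKIM are not both passing")

    body = msg.get_body(preferencelist=("html", "plain"))
    collector = _LinkCollector()
    collector.feed(body.get_content() if body is not None else "")
    for href, text in collector.links:
        host = urlparse(href).hostname
        if "dropbox" in (text + href).lower() and not is_dropbox_host(host):
            findings.append(f"link: '{text}' points at {host}, not Dropbox")
    return findings


# Constructed sample message, modelled on the share notification described
# above. Headers, addresses and URLs are made up for this example.
SAMPLE_EML = b"""\
From: Dropbox <no-reply@dropbox.com>
To: finance@example.com
Subject: A File Was Shared With You Via Dropbox
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=dropbox.com; dkim=pass header.d=dropbox.com
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Pat shared "2024_Q3 Financial Plan Approval File-47863.pdf" with you.</p>
<p><a href="https://www.dropbox.com/s/EXAMPLE/file.pdf">View on Dropbox</a></p>
<p><a href="https://dropbox.com.secure-login.example.net/signin">Sign in to Dropbox</a></p>
</body></html>
"""

if __name__ == "__main__":
    for finding in analyse_eml(SAMPLE_EML) or ["no findings"]:
        print(finding)
```

Note what the script does and does not catch. Because the lure is delivered through Dropbox itself, the From address, the SPF and DKIM results and the “View on Dropbox” link all pass. The only check that fires is the one on the hostname of the page asking for a password, which is why inspecting the address bar before signing in matters more here than inspecting the email.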

Conclusion
Be smart. Slow down and really consider whether the message is legitimate. Phishing scams are getting smarter, and this Dropbox scam is a good example. By staying alert and following these tips, you can protect yourself. Be careful with any email or text that asks for personal information or login details.
If you think you have been compromised, change your Dropbox password right away (and anywhere else you used the same password), review the devices and sessions listed in your Dropbox security settings and sign out any you don’t recognise, tell your IT team, and consider a Cybersecurity Threat Assessment.