Beware of "Someone Has Sent You a File via WeTransfer" Phishing Scam
October 5, 2015
The email message below: "Someone has Sent you a File via WeTransfer," which appears as if it was sent by WeTransfer, a popular cloud-based file transfer service based in Amsterdam that allows internet users to send small to large files, is a phishing scam. The fake email message was created and sent by cyber-criminals to trick the recipients into clicking on the link within it, which will take them to a compromised or hacked website, used by cyber-criminals to steal their potential victims' Outlook, Hotmail, Gmail, Yahoo, AOL and other email accounts username and password.
Please continue reading below.
Update: Cybercriminals have created new versions of the malicious "WeTransfer" email message, please view them in the comment section below.
The Fake WeTransfer Email Message
Subject: Someone has sent you a file via WeTransfer
From: WeTransfer (firstname.lastname@example.org)
You have received a new file.
Files (28 MB total)
Will be deleted on
12 October, 2015
Get more out of WeTransfer, get Plus
WeTransfer Contact Legal Powered by Amazon Web Services
The links in the fake email message do not go to the legitimate WeTransfer website located at: https://www.wetransfer.com, instead the links go to a compromised or hacked website.
The Compromised or Hacked Website
Once on the compromised website, the potential victims will be asked to sign-in with their Outlook, Hotmail, Gmail, Yahoo, AOL or other email accounts. Once the victims have entered their information in an attempt to sign-in, their email account's username and password will be sent to the cyber-criminals or scammers behind the scam. With the victims’ credentials or sign-in information, the cyber-criminals will gain access to their email accounts and use them fraudulently.
Therefore, the recipients of email messages, which appear as if they we sent by WeTransfer, claiming that they have received a new file, should ensure that when they click on any of the links in the email message, they are taken to https://www.wetransfer.com. If they are taken to any other websites, they should close the web browser window and delete the email message.
Recipients of the fake WeTransfer email message who clicked on one of the links in the fake email message and who attempted to sign into the fake website, are asked to change their email accounts password immediately, before the cyber-criminals use their stolen credentials to lock them out of their accounts, by changing their passwords.
Please share with us what you know or ask a question about this article, by leaving a comment below. And, forward malicious email messages to us using the following email address: email@example.com .
Alert and help your family and friends by sharing this article with them: