Online Threat Alerts (OTA)
An anti-cybercrime community alerting the public.

"WeTransfer Someone Has Sent You a File" Phishing Scams

  • 37
  • 30,806
  • Feb. 4, 2020
  • Oct. 5, 2015

The email message below with the subject "Someone has Sent you a File via WeTransfer," which appears as if it was sent by WeTransfer, a popular cloud-based file transfer service based in Amsterdam that allows internet users to send small to large files, is a phishing scam. The fake email message was created and sent by cyber criminals to trick the recipients into clicking on the link within it, which will take them to a compromised or hacked website, used by cyber-criminals to steal their potential victims' Outlook, Hotmail, Gmail, Yahoo, AOL and other email accounts username and password.

Advertisements

Update: Cyber criminals have created new versions of the malicious "WeTransfer" email message, please view them in the comment section below.

The Fake WeTransfer Email Message

Subject: Someone has sent you a file via WeTransfer
From: WeTransfer (noreply@wetransfer.com)

You have received a new file.

Download

Files (28 MB total)
Will be deleted on
12 October, 2015

Get more out of WeTransfer, get Plus

WeTransfer Contact Legal Powered by Amazon Web Services

The links in the fake email message do not go to the legitimate WeTransfer website located at https://www.wetransfer.com, instead, the links go to a compromised or hacked website.

The Compromised or Hacked Website

Once on the compromised website, the potential victims will be asked to sign-in with their Outlook, Hotmail, Gmail, Yahoo, AOL or other email accounts. Once the victims have entered their information in an attempt to sign-in, their email account's username and password will be sent to the cyber-criminals or scammers behind the scam. With the victims’ credentials or sign-in information, the cyber-criminals will gain access to their email accounts and use them fraudulently.

Therefore, the recipients of email messages, which appear as if they were sent by WeTransfer, claiming that they have received a new file, should ensure that when they click on any of the links in the email message, they are taken to https://www.wetransfer.com. If they are taken to any other websites, they should close the web browser window and delete the email message.

Recipients of the fake WeTransfer email message who clicked on one of the links in the fake email message and who attempted to sign into the fake website are asked to change their email accounts password immediately, before the cyber-criminals use their stolen credentials to lock them out of their accounts, by changing their passwords.

Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.

Note: Some of the information in samples on this website may have been impersonated or spoofed.

Share this article with others.
Advertisements
Write / View Comments (37)
View on Online Threat Alerts (OTA)
Help Maintain Online Threat Alerts (OTA)
Copyright © 2012 - 2024 - Online Threat Alerts (OTA).