Cybercriminals are sending out fake and malicious Dropbox email messages like the one below, which claims the senders are attempting to send documents to the recipients, but the documents are too large or there are multiple copies of the documents, so the senders used file hosting or storage website, Dropbox, to share the documents. The fake email messages then state that the recipients should click on a link within the same email messages in order to view the same documents. But, the links go to a fake or phishing Dropbox website, where the recipients will be asked to sign-in with their Google, Hotmail, Yahoo, AOL or other email providers’ username and password.
A Sample of the Dropbox Phishing Email
From: Emily Cline ecline3@elon .edu
Date: February 29, 2016 at 10:40:09 AM EST
Subject: Document for record
I'm trying to send you documents through attachment, but it is multiple, so i had to use Drop-box to shared.
Please view [documents] and keep file for your record.
Recipients of the fake Dropbox email messages, who have already clicked on the link within the same email messages and have entered their usernames and passwords on the fake or phishing Dropbox website, should change their passwords immediately before their email accounts are hijacked by the cybercriminals who are responsible for the fake or phishing Dropbox email messages.
And, Dropbox’s website is located at https://www.dropbox.com/, so recipients of Dropbox email messages, should ensure that they are not taken other websites. If they are, someone is attempting to trick them into visiting a fake Dropbox website, with the intention of stealing their accounts’ username and password.
Check the comment section below for additional information, share what you know, or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search
Note: Some of the information in samples on this website may have been impersonated or spoofed.
Comments, Questions, Answers, or Reviews
To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews. NB: We will use your IP address to display your approximate location to other users when you make a post. That location is not enough to find you.
Your comment, answer, or review will be set as anonymous because you are not signed in. An anonymous comment, answer, or review cannot be edited or deleted, therefore, review it carefully before posting. Sign-in.
Show More Comments (4)
Write Your Comment, Question, Answer, or Review