»

"We Transfer You have a New File" Phishing Scam

 +
"We Transfer You have a New File" Phishing Scam

Would you share this article with others?

The fake email message below with the subject "You have a new file," which appears as if it was sent by WeTransfer, a popular cloud-based file transfer service based in Amsterdam that allows internet users to send small to large files, is a phishing scam. The fake email message was created and sent by cyber criminals to trick the recipients into clicking on the link within it, which will take them to a compromised or hacked website, used by cyber-criminals to steal their potential victims' Outlook, Hotmail, Gmail, Yahoo, AOL and other email accounts username and password.

Update: Cyber criminals have created new versions of the malicious "WeTransfer" email message, please view them in the comment section below.

The "We Transfer You have a New File" Phishing Scam

Hi info You have a new file

Thu 6/13/2019 4:59 PM

From: We Transfer - no-reply@wetransfer.org

Files sent to

Get your files

6 files, 20.3 MB in total ・ Will be deleted on 19th June, 2019

Hi info,

Thanks for using WeTransfer. We'll email a confirmation as soon as your files have been downloaded.

The links in the fake email message do not go to the legitimate WeTransfer website located at https://www.wetransfer.com, instead, the links go to a compromised or hacked website.

Once on the compromised website, the potential victims will be asked to sign-in with their Outlook, Hotmail, Gmail, Yahoo, AOL or other email accounts. Once the victims have entered their information in an attempt to sign-in, their email account's username and password will be sent to the cyber-criminals or scammers behind the scam. With the victims’ credentials or sign-in information, the cyber-criminals will gain access to their email accounts and use them fraudulently.

Therefore, the recipients of email messages, which appear as if they were sent by WeTransfer, claiming that they have received a new file, should ensure that when they click on any of the links in the email message, they are taken to https://www.wetransfer.com. If they are taken to any other websites, they should close the web browser window and delete the email message.

Recipients of the fake WeTransfer email message who clicked on one of the links in the fake email message and who attempted to sign into the fake website are asked to change their email accounts password immediately, before the cyber-criminals use their stolen credentials to lock them out of their accounts, by changing their passwords.

Note: Some of the names, addresses, email addresses and telephone numbers in email samples on this website may have been impersonated.

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

You can help maintain Online Threat Alerts by paying a service fee. Click here to make payment.

Comments, Questions, Answers, or Reviews
There are no comments as yet, please leave one below or revisit.

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews.

Write Your Comment, Question, Answer, or Review
Write your comment, question, answer, or review in the box below to share what you know or to get answers. NB: We will use your IP address to display your approximate location to other users.
Your comment, question, answer, or review will be posted as an anonymous user because you are not signed in. Anonymous posts cannot be edited or deleted. Sign-in.

"We Transfer You have a New File" Phishing Scam