Jaclyn McRae 18 October 2016 09:06:29 AEDT 3 MIN READ

Financial services CEO’s contacts targeted in new Dropbox spear-phishing scam

Contacts of a prominent CEO in the financial services sector are being targeted in a Dropbox spear-phishing scam identified by MailGuard.

The email, sent to the CEO’s contacts in the past 24 hours, poses a high risk as it appears to be from a familiar and credible sender.

MailGuard was the only one of 67 major security providers to detect the malicious email when it began hitting inboxes.

The cybercriminals send the attack from an unrelated but otherwise legitimate Google Apps account that they have hijacked, and have changed that account's display name so that the sender appears to be the CEO. Because the account itself is genuine, the message passes the sender checks that would catch a crudely forged address.

A fake Dropbox email is a common tactic used by scammers, as MailGuard has reported in the past.

Those who receive the email are asked to click a link to view an important Dropbox document.

[Screenshot: the fake Dropbox notification email, with the CEO's name and signature]

Recipients are then prompted to select their email provider. Whichever provider is chosen, the log-in page that follows is controlled by the scammers, who hope to capture the recipient's Outlook, AOL or other email user name and password.

[Screenshot: the fake 'select your email provider' page]

While attention to detail is lacking – note the misspelling of 'select', the sending domain that has nothing to do with the CEO or with Dropbox, and the strange grammar in the email body – the risk is that recipients won't apply their usual scrutiny because they recognise the sender name and signature, and the Dropbox logo.

Those who choose to log in via Microsoft Outlook are then directed to a sign-in page with Microsoft branding.

[Screenshot: the fake Microsoft-branded sign-in page]

Did you receive an invitation to view an item in DropBox?

It’s important not to click any links from suspicious-looking emails. While this version does not contain malware, it seeks to steal victims’ user names and passwords.

Whatever you type into the fake log-in page – your email address and your password – is sent straight to the scammers, who record it.

That alone lets them take over your email account. Many people also make the mistake of using the same user name and password on multiple accounts, so the scammers will typically try that combination elsewhere to discover what other accounts – including banking accounts – they can log into without your knowledge.

Tips on avoiding being duped by a phishing scam

  • Only click links from trusted senders, and check the link itself before you click. Hover your mouse over it so your mail client or browser shows the real destination; if that address does not match the service the link claims to lead to, the link is not legitimate. As this scam shows, a familiar sender name and signature are not proof on their own.
  • Check who is sending you email communication. Malware, phishing scams or spam may come from unrecognisable or odd email addresses; however, legitimate-looking addresses can be forged easily, and sometimes the forged address is just a single character different from a trusted one. Checking the address alone is not enough either: in the scam above the email came from a real, hijacked account whose display name had been changed to the CEO's.
  • A reputable company or organisation never uses an email to request personal information. If you think there is a possibility it may be legitimate, type the real URL into your browser or contact the company directly.
  • Never respond. If unsure, report the message as ‘spam’ to your service provider, and delete it! Also, you should delete the email from your trash to save you accidentally opening it in the future.
  • Check for spelling, grammar and syntax. Most malware, phishing scams or spam originate from foreign countries so may contain some very obvious errors.
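The two tell-tales described above – a trusted display name sitting on an unrelated sending address, and a link whose text says "Dropbox" but whose target is somewhere else – can both be checked automatically on the raw message. The script below is an added example written for this page; it is not MailGuard's code. The contact directory, the brand domain list and both sample messages are constructed for illustration, and the domain extraction is deliberately simple (a production check would use the public suffix list).

```python
"""Flag display-name spoofing and brand-mismatched links in a raw email.

Added example, not MailGuard's code. KNOWN_CONTACTS, BRAND_DOMAINS and the
two sample messages are constructed for illustration.
"""
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed directory: display names the organisation knows, mapped to the
# domain those people legitimately send from (hypothetical values).
KNOWN_CONTACTS = {"jane doe": "example-finance.com"}

# Domains a brand name in link text should lead to (illustrative subset).
BRAND_DOMAINS = {
    "dropbox": {"dropbox.com"},
    "microsoft": {"microsoft.com", "live.com", "office.com"},
}


class LinkCollector(HTMLParser):
    """Collects (anchor text, href) pairs from an HTML mail body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            # Collapse whitespace so text wrapped across lines compares cleanly.
            self.links.append((" ".join("".join(self._text).split()), self._href))
            self._href = None


def registrable_domain(host):
    """Last two labels of a host name. A production check would consult the
    public suffix list so that e.g. example.co.uk is handled correctly."""
    labels = host.lower().split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def analyse(raw_message):
    """Return a list of human-readable findings for one RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []

    # Check 1: the display name is a known contact, but the address is not theirs.
    name, addr = parseaddr(str(msg["From"]))
    sender_domain = registrable_domain(addr.rpartition("@")[2])
    expected = KNOWN_CONTACTS.get(name.strip().lower())
    if expected and sender_domain != expected:
        findings.append(
            f"display name '{name}' is a known contact but the mail was sent from "
            f"{sender_domain}, not {expected}"
        )

    # Check 2: the link text names a brand, but the link goes somewhere else.
    html_part = msg.get_body(preferencelist=("html",))
    if html_part is not None:
        collector = LinkCollector()
        collector.feed(html_part.get_content())
        for text, href in collector.links:
            host = registrable_domain(urlparse(href).hostname or "")
            for brand, domains in BRAND_DOMAINS.items():
                if brand in text.lower() and host not in domains:
                    findings.append(f"link text '{text}' points to {host}, not a {brand} domain")
    return findings


# Constructed sample resembling the scam: a hijacked, unrelated account with the
# CEO's name as display name, and a "Dropbox" link leading to an unrelated host.
PHISH = """\
From: Jane Doe <accounts@hijacked-tenant.example>
To: someone@example.org
Subject: Important document for you
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please <a href="http://file-share.example.net/view/123">click here to view
your Dropbox document</a>.</p>
<p>Regards,<br>Jane Doe, CEO</p>
</body></html>
"""

# Constructed legitimate message from the same contact, for comparison.
LEGIT = """\
From: Jane Doe <jane.doe@example-finance.com>
To: someone@example.org
Subject: Q3 figures
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Figures are in <a href="https://www.dropbox.com/s/abc123">our Dropbox folder</a>.</p>
</body></html>
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(label, analyse(raw) or ["no findings"])
```

Run against the constructed phishing sample the script reports both problems; the legitimate sample from the same contact produces no findings, which is the point of keying the first check on the display name rather than on the word "Dropbox" alone.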

What is phishing?

Phishing is a favourite cybercriminal tactic: sophisticated modern-day forgers use deception and social engineering techniques to trick users.

This is done by sending emails, text messages or website links purporting to be from authentic companies that the victim may have had previous communications with (also called spoofing).

These fake messages or links are then used to persuade the recipient to reveal personal information including usernames, passwords and credit card details.

Phishing scams have become increasingly prevalent because they are easy to execute.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.

