Emmanuel Marshall 02 March 2018 14:40:31 AEDT 2 MIN READ

Dropbox brandjacked in new phishing scam


MailGuard has intercepted a new zero-day email scam exploiting Dropbox branding.

As a well known and trusted company, Dropbox’s trademark is regularly used by cybercriminals as camouflage for their phishing attacks. Scammers copy the Dropbox logo onto their emails to lend authenticity to their scams, a practice known as ‘brandjacking’.

This is a typical phishing email that uses a very simple ruse to trick victims into giving up their Dropbox login credentials. The message tells the victim that they have received some files and invites them to click on a link to view them.

When the victims of phishing scams click on links of this sort they are directed to bogus login pages that are set up to look like the real Dropbox website, but actually just harvest their login details.

Scammers can use Dropbox accounts they hijack in this way to store malicious files or they can sell the login credentials to third parties who may want to access the personal documents people store in their Dropbox accounts to execute identity theft fraud.

MailGuard has now blocked these emails from reaching our client’s inboxes.

Phishing scams of this sort can have very harmful consequences for victims so please share this warning on your social networks to help raise awareness.

 

Tell-tale signs of email scams:

  • Generic greetings, such as ‘dear customer’
  • A sense of urgency, e.g. “ensure your invoice is paid by the due date to avoid unnecessary fees”
  • Bad grammar or misuse of punctuation and poor-quality or distorted graphics (this attempt isn’t let down by bad grammar, making it more likely some people will take the bait)
  • An instruction to click a link to perform an action (hover over them to see where you’re really being directed)

 

Defend your inbox


Phishing attacks can be enormously costly and destructive, and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company from financial and reputational damage, now.

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates