A new Dropbox phishing scam emerged last night, with cyber criminals trying to hack the recipient’s email account by harvesting credentials from a fake Dropbox form.
The scam invites users to log in to view a file on the online sharing platform Dropbox. MailGuard’s cloud email filtering technology first detected and blocked this threat as it emerged late yesterday.
A sample of the email you should look out for is shown below:
The Dropbox scam appears to come from a named sender, who is likely to be known by the recipient.
The sender’s email account has been hacked into by the cyber criminal: the sender is likely to have received the same Dropbox phishing scam recently and surrendered access to their email account, allowing the criminal to distribute the scam to the range of contacts in their address book.
Because the email comes from a known friend or acquaintance, recipients are more likely to trust its content.
Having clicked to view the file, the recipient is then directed to a fake Dropbox landing page, where they are encouraged to sign in using one of several email providers, including Microsoft Outlook, Yahoo and Gmail.
Once the target enters their details, they are then directed to a document hosted in Google Docs – which is clearly a separate sharing platform to Dropbox, and an indication that this isn't a legitimate process.
This fools unsuspecting recipients into thinking the scam is legitimate. However, you’ll notice the blue “Sign in” button on the right-hand side of the screen, confirming that the previous screen was actually a dummy page, used to steal the recipient’s credentials.
The scammers now have access to the recipient’s email username and password which they’ll use to distribute this and other scams further, while gaining access to all information and data within their account.
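The indicators described above can be checked mechanically when a mail gateway or analyst fetches a linked page. The following is an added example, not MailGuard's detection logic: the function name, finding labels, the one-entry Dropbox domain allowlist and the sample page are all assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumptions for this example: a minimal allowlist of legitimate Dropbox hosts.
DROPBOX_DOMAINS = ("dropbox.com",)
EMAIL_PROVIDERS = ("outlook", "yahoo", "gmail")  # providers named in the article

class _PageFacts(HTMLParser):
    # Collects visible text (plus alt/value attributes) and notes password inputs.
    def __init__(self):
        super().__init__()
        self.text = []
        self.has_password_field = False
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "input" and (attrs.get("type") or "").lower() == "password":
            self.has_password_field = True
        self.text.append(attrs.get("alt") or attrs.get("value") or "")
    def handle_data(self, data):
        self.text.append(data)

def _on_domain(url, domains):
    # Exact host or true subdomain only, so "dropbox.com.example.net" does not match.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def landing_page_findings(url, html, redirect_url=None):
    """Return indicator labels for a fetched page; empty list means none found."""
    facts = _PageFacts()
    facts.feed(html)
    text = " ".join(facts.text).lower()
    if "dropbox" not in text or _on_domain(url, DROPBOX_DOMAINS):
        return []
    findings = ["dropbox_branding_on_foreign_host"]
    if facts.has_password_field:
        findings.append("password_field")
    if sum(p in text for p in EMAIL_PROVIDERS) >= 2:
        findings.append("multiple_email_provider_logins")
    if redirect_url and not _on_domain(redirect_url, DROPBOX_DOMAINS):
        findings.append("post_login_redirect_off_dropbox")
    return findings

# Constructed sample page and URLs (not taken from the campaign).
SAMPLE_URL = "https://files.example.net/dropbox/view"
SAMPLE_HTML = """<html><title>Dropbox - Sign in</title><body>
<img alt="Outlook"><img alt="Yahoo"><img alt="Gmail">
<form><input type="email"><input type="password"></form></body></html>"""
SAMPLE_REDIRECT = "https://docs.google.com/document/d/EXAMPLE"
```

The `redirect_url` argument is the address observed after the form is submitted in an isolated analysis environment; the check works without it.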
This scam is very similar to another Dropbox scam we reported last month. Through minor modifications in their approach, cyber criminals are often able to develop new threat variants which bypass existing security solutions.
As MailGuard operates in the cloud, our email-filtering technology is able to block these threats immediately upon detection, in real-time.
If you’re experiencing problems, you can speak to a cloud security specialist on 1300 30 44 30 or email email@example.com.
For more tips on how to identify phishing emails like this Dropbox scam, you can read our article here.