DropBox Phishing

Dropbox phishing can arrive in your inbox as an invitation to open an “important” file. But if you don’t recognize the sender, or weren’t expecting such an email, don’t trust it! Here are the details of this type of scheme:

The Phishing Email Message

Let’s go over this recent example. There are a few tells here that give away the scam.

[Image: DropBox Phishing]

I should mention that this email did not come with an attachment. That’s intentional, to steer the recipient to the blue button. But otherwise, the email address looks unfamiliar or irrelevant. The use of English is good, but a little off. And the formatting isn’t right. Dropbox doesn’t use that font or color of blue…

You should never click links in suspicious messages, but if you carefully hover your cursor over the blue button in such an email, the destination URL will appear in the corner of your browser. In this case, that button does not lead to a Dropbox URL, but to some website hosted on Amazon Web Services.

The Rest of the Phish

If a person is tricked into clicking a Dropbox phishing link, they may see something like this:

[Image: DropBox Phishing]

Again, the tells are here, if you take the time to appreciate them. The fonts and colors are a bit off. The URL is definitely not related to Dropbox. And the browser tab label misspells it as “DR0PB0X”! But the scammers are hoping you won’t notice or are in a hurry to move to the next step.
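The two tells described above, a button that leads somewhere other than Dropbox and a page title misspelled as “DR0PB0X”, can also be checked automatically. The following is an added example, not part of the original article: the trusted-domain list, the function names and the sample HTML are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("dropbox.com",)              # assumption: domains accepted as genuine
LOOKALIKE = str.maketrans("01", "ol")   # digit-for-letter swaps, e.g. "DR0PB0X"

def is_trusted_host(host):
    """Exact or subdomain match only; 'dropbox.com.example.net' must fail."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def spoofs_brand(text, brand="dropbox"):
    """True when the text only spells the brand after undoing digit swaps."""
    t = text.lower()
    return brand not in t and brand in t.translate(LOOKALIKE)

class LinkAudit(HTMLParser):  # collects <title> and each <a href> with its text
    def __init__(self):
        super().__init__()
        self.title, self.links = "", []
        self._href, self._text, self._in_title = None, [], False
    def handle_starttag(self, tag, attrs):
        self._in_title = tag == "title"
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
        if self._in_title:
            self.title += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None
        elif tag == "title":
            self._in_title = False

def audit(html):
    """Findings for HTML that presents itself as coming from Dropbox."""
    page = LinkAudit()
    page.feed(html)
    findings = [("lookalike-title", page.title.strip())] if spoofs_brand(page.title) else []
    findings += [("off-brand-link", text, urlsplit(href).hostname)
                 for href, text in page.links
                 if not is_trusted_host(urlsplit(href).hostname)]
    return findings

# Constructed sample, not the real message from the article.
SAMPLE = ('<title>DR0PB0X</title><a href="https://storage.example.net/f">View file</a>'
          '<a href="https://dropbox.com.example.net/login">Sign in</a>'
          '<a href="https://www.dropbox.com/help">Help</a>')
```

The host comparison is an exact or subdomain match on purpose: a simple "contains dropbox.com" test would accept the second link in the sample.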

Anyone unlucky enough to click a sign-in button will next be asked for their email address and password. Whatever is typed and submitted will return an error message, but it is also forwarded to the bad guys behind it all. They will take your email address and password, and try to steal your email or other accounts with it!

Dos and Don’ts

If you receive this message:

  • Don’t reply to this message.
  • Don’t click on any links.
  • Don’t type in any passwords or other important info.
  • Call the sender (if known), or contact them outside of email, to let them know about this.
  • Encourage the sender (if known) to change their email password or otherwise secure their account. They have likely been compromised, and someone bad is abusing their email address!
  • If you do not recognize the sender’s email address, feel free to report the message as spam.
