DropBox Phishing Emails are circulating the web

Hackers and cybercriminals are trying to obtain access to specific and random DropBox accounts by sending DropBox Phishing Emails to thousands of email addresses which probably have been obtained via the black-market on the Darknet. The DropBox Phishing Emails claim that a specific file has been shared by a person you might/do not know. The emails which are send are often made pretty by HTML code.

DropBox Phishing Emails

The links are transformed to buttons which might trigger an unaware user to click on it. The links and buttons which are shown in the DropBox Phishing Emails lure the targets to malicious online environments which steal Dropbox credentials and/or they might lure the user to open a file which contains malware. The file could be an attachment or an external file which looks like an image, pdf or .exe file.

Do note that the extensions are not limited to the previously named extensions.

CIRCULATING DROPBOX PHISHING EMAILS

We have an example of an DropBox Phishing Email. In this example, the hacker or cybercriminal tries to lure the target by claiming that “David” has shared a document on Dropbox. The cybercriminal included a filename which claims that the attachment is an PDF file.

DropBox phishing email
DropBox phishing email

The DropBox Phishing email continues to explain that the document will be deleted from the server on its given expiry data.

The Phishing email closes with a “thank you” message from the DropBox team.

How to discover phishing emails and how to stay safe

If you are cautious, you can always login at the official DropBox website and see if a message has been delivered which claims that you have an attachment which is waiting for you. If you still hesitate, you can contact the DropBox support team, and ask them for support on the received e-mail. They can verify for you if it is an genuine e-mail.

You can also copy and paste the links which are attached in the email to the VirusTotal website. The VirusTotal website will scan the provided links and attachments on malicious codes and signatures. The VirusTotal service is completely free to use.