One month down in 2025: How are your resolutions coming along? Check out how to get back on track here.
Forum Discussion
Anaanato3monkeys
24 days agoNew member | Level 1
Compromised email address was linked to Dropbox team account and is sending out spam emails
Hi,
My work email was compromised (despite having MFA) on Wednesday, January 8th, around 12:20 EST. When the approve authentication came to my phone, I had pressed the "it wasn't me" button. I thought the MFA worked. It didn't.
About 2 hours later, I received a couple of texts from colleagues that they received Dropbox emails that seemed to come from me.
I logged into my oulook account and realized that the hacker put 2 rules on my messages - mark incoming emails as read and moved to RSS feeds folder and if an incoming message includes specific words in the subject line or body "dropbox" to mark it as read and move the message to conversation history folder.
I deleted the rules, changed my password and signed out of all devices. I also had my computer scanned for viruses. I thought I was done with it because I thought it was coming from my email account.
I found out that on Monday that the hacker created a fake Dropbox business account and signed up for the free trial and used my hacked email to set it up. It added so many people (people that were my contacts but also people that I have never written to). I deleted the account.
This fake Dropbox account is still sending out the email - how is this possible? What can I do to completely shut down the account? How can I get help from Dropbox to fix this issue?
- Hannah
Dropbox Staff
I'm sorry to hear that this happened to you, Anaanato3monkeys.
Are the emails being sent out actually Dropbox emails, sent from official Dropbox domains?
You can confirm that by checking our official domains here.
In any case, I would definitely suggest reaching out to our support team about this, as they will be able to access info specific to that account and assist you directly.
You can do so by opening a private browsing/incognito window and going to this page.
From there you'll be able to submit your help request and once you receive a ticket number, please make sure to send it to us as well.
Thanks.
About Security and Permissions
Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.
Need more support
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!