You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

deus_ex_machina's avatar
deus_ex_machina
Explorer | Level 3
6 months ago

How to protect and prevent "share attacks"

Hello all,

 

My company has been inundated by Dropbox "share" attacks, where phishers use the Dropbox share function to bypass spam filters and get fake invoices to land in coworker's inboxes. Dropbox will even helpfully send follow-up emails to everyone who hasn't viewed the document yet.

 

I ran the gauntlet of an escalated support ticket, but that ended with them basically saying I was out of luck because I had no control over that file since it was external and being shared. This was after days had gone by and several people had viewed the malicious document.

 

Surely there is a better way to prevent/report this attack? Blocking no-reply@dropbox.com isn't really an option since we use dropbox, but there has got to be a better way to get help from Dropbox since it is a scammer's paradise to be able to abuse their service like this.

 

Any help is welcome! Thanks in advance.

  • AliceDropbox's avatar
    AliceDropbox
    6 months ago

    Hi deus_ex_machina!

    I'm a product manager on the sharing team. 

     

    Thanks for reaching out! We take such issues very seriously and want to assure you that we were already aware of this situation and have taken immediate actions to address it.

    Ideally, this won't happen again, but if it does, please use the "Report to Dropbox" feature on the email so we can respond promptly.

     

    Your security is our top priority. If you encounter any further suspicious activity or have additional concerns, please do not hesitate to reach back out.

  • Megan's avatar
    Megan
    Icon for Dropbox Staff rankDropbox Staff

    Hey deus_ex_machina, welcome to our Community! 

     

    On our end, I'm afraid that we have no such ways in place to "identify" these actions before they happen. 

     

    When it comes to securing your account, I'd suggest that you keep an eye out for any suspicious content and emails and that you don't open files when shared from external collaborators. 

     

    Of course, our Community & Support is here to help if you come across these types of emails, and cases. 

     

    I hope this clarifies!

    • deus_ex_machina's avatar
      deus_ex_machina
      Explorer | Level 3

      Megan:

      I appreciate the quick reply! It is understandable that Dropbox can't review the authenticity or intent behind every shared document, and removing that feature would negatively impact the platform.

       

      The issue is that the attacker can quickly enumerate large lists of targets, and there is a delay between the shares being sent, and Dropbox support responding to my report. Is there any way to get Dropbox to recognize that we are a legitimate company being targeted by an active campaign, and get a more timely response to our reports?

      • Megan's avatar
        Megan
        Icon for Dropbox Staff rankDropbox Staff

        Hey deus_ex_machina, would you mind sharing your ticket number with me, in order to review it on our system, please? 

About Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

Need more support

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!