Forum Discussion

rgdes's avatar
rgdes
Explorer | Level 3
3 years ago

Weird authentication behavior from Dropbox upon receiving a suspicious email.

Hi,

There is some evidence that an actual link from dropbox, sent from no-reply@dropbox.com, with right domain and certificate, was related to an attack attempt and I would like some opinions. 

 

The behavior is weird. It was shared with a list of people and asks for credentials, but any password, right or wrong, asks for a MFA code.

Is that normal? Why would it ask for MFA code after wrong passwords?


Any help is appreciated.
Thanks

account access
Account Settings
Permissions
security

1 Reply

  • Megan's avatar
    Megan
    Icon for Dropbox Community Moderator rankDropbox Community Moderator
    3 years ago

    Hi rgdes, I hope you're doing well!

     

    In regards to the email you received, could you possibly send me a few screenshots of the body of the email, along with the email address you received it from?

     

    Just make sure none of your personal info is shown there. 

     

    Keep me posted, and we'll take it from there!

About Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

The Dropbox Community team is active from Monday to Friday. We try to respond to you as soon as we can, usually within 2 hours.

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X, Facebook or Instagram.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!