cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

BEWARE: Fake email from "no-reply@dropboxmail.com"

Labels:

BEWARE: Fake email from "no-reply@dropboxmail.com"

Luispw
Explorer | Level 3
‎09-13-2019 12:34 AM
Go to solution

So I just received an email from no-reply@dropboxmail.com saying that someone had tried to log into my account from an "unrecognised location". I found it weird because I don't even use that email account with Dropbox, but the email address seems legit. 

I'm attaching a screenshot of the email. 

Anyway, there is a link "Click here to verify...". I didn't click, I copied the link instead, without visiting it. And here's what came up: 

https://www (dot) dijitalkurumsal (dot) com/js/EMAILVARIFICATION.php?email= + my email address

So be careful, because I think "dijitalkurumsal" has nothing to do with Dropbox. 😕

screenshot.jpg

Labels:
  • 0 Likes
  • 4 Replies
  • 66.4K Views
0 Likes
1 Accepted Solution

Accepted Solutions

Rich
Super User II
‎09-14-2019 02:45 PM
Go to solution

The dropboxmail.com domain name is actually a legitimate domain used to send official email from Dropbox, but that doesn't mean that someone can't spoof the address and send fake emails that appear to come from it, such as in the phishing attempt that you received.

You can find a list of the official domains used by Dropbox in the following help article:

[Mod edit 2023, edited Help Center link]

View solution in original post

4 Replies 4

Walter
Dropbox Staff
‎09-13-2019 12:44 AM
Go to solution

Hey there @Luispw - welcome to our Community and thanks for flagging this with us!

At first, note that legitimate emails from us would come from no-reply@dropbox.com and not no-reply@dropboxmail.com.

That being said, I'm glad to hear you didn't click on any link within that email as it appears that this message was impersonating Dropbox’s services in an attempt to maliciously impact your machine. 

Moreover, I wanted you to know that your diligence is what's helping us keep all of our users safe. We appreciate you reporting fake Dropbox URLs or attempts to compromise user’s credentials. 

If it's not to much to ask, I'd also suggest forwarding your report directly to abuse@dropbox.com.

I hope this helps at some extent and -once again- thanks for bringing this to our attention.

If there's anything else you'd like to add or ask, please feel free to get back to me; I'll be more than happy to follow up. 

Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

0 Likes

Luispw
Explorer | Level 3
‎09-14-2019 02:37 AM
Go to solution

Hi Walter! 

Thanks for your prompt response. Sorry for thinking that email address was legitimate. I thought so because I'd seen another thread mentioning it was. Maybe I misread that. 

I will forward my original message to abuse@dropbox.com. 

Thanks again.

Take care. 

0 Likes

Rich
Super User II
‎09-14-2019 02:45 PM
Go to solution

The dropboxmail.com domain name is actually a legitimate domain used to send official email from Dropbox, but that doesn't mean that someone can't spoof the address and send fake emails that appear to come from it, such as in the phishing attempt that you received.

You can find a list of the official domains used by Dropbox in the following help article:

[Mod edit 2023, edited Help Center link]

Walter
Dropbox Staff
‎09-16-2019 03:10 PM
Go to solution

Hello people @Rich & @Luispw!

@Luispw: Apologies for jumping up the gun there; it seems like my coffee hadn't kicked in yet :laughing:

As @Rich correctly mentioned (can't thank you enough Rich), this is an official domain of ours (unfortunately, susceptible to such attacks) - I'm sorry for not including this piece of information in my initial response.

That being said, if you've already forwarded your report to our team (as mentioned), rest assured we'll take the appropriate actions in due time.

Have a lovely week!

 

[This thread is now closed by moderators due to inactivity. If you're experiencing a similar behavior or have a question, feel free to Ask for help from the Community here.]

Walter
Community Moderator @ Dropbox
dropbox.com/support


Heart Did this post help you? If so, give it a Like below to let us know.
:arrows_counterclockwise: Need help with something else? Ask me a question!
:pushpin: Find Tips & Tricks Discover more ways to use Dropbox here!
:arrows_counterclockwise: Interested in Community Groups? Click here to join

0 Likes
Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Walter Dropbox Staff
  • User avatar
    Rich Super User II
  • User avatar
    Luispw Explorer | Level 3
What do Dropbox user levels mean?