cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Tell us what you want to see on the Community here!
Close

Dropbox accounts & billing

Make your Dropbox account work for you, with the help of Community users like you. Join in or start a discussion of your own.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Phishing Attack

Highlighted

Phishing Attack

Explorer | Level 4

Hi All,

 

Our company seems to be targeted by a phishing attack. The email was sent out org-wide (more than 500 emails), and I have already tried forwarding the email to abuse@dropbox.com, but now we are getting "Reminder: John Smith sent you "DRAFT STATEMENT.pdf"

 

Besides user training to not click the links in the email, is there anything Dropbox can do to prevent these mass, targeted attacks on our organization? 

1 Accepted Solution

Accepted Solutions
Highlighted

Re: Phishing Attack

Dropboxer

This seems to be a legit email sent by us, due to a file being shared with you via a file transfer, Kevin. 

 

Since you've already forwarded this to the abuse@dropbox.com email address, there's not much more I can suggest at this point as this will be investigated by the relevant team and while you won't receive a reply, the links will be analyzed and taken down in a timely fashion, if applicable.

 

In the meantime, perhaps, you could create a rule in your email service to have those emails forwarded in your junk or spam folder, but this would fall outside of our remit. 

 

 I know it's not much, but I hope this helps to some extent. 



Walter
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below.
Still stuck? Ask me a question!
Tips & Tricks Find new ways to stay in flow or share your tips on how you work smarter with Dropbox.

View solution in original post

6 Replies 6
Highlighted

Re: Phishing Attack

Dropboxer

Hi @Kevin_Bend; welcome to our Community and sorry to hear about this.

 

Can you please clarify if the email you're referring to is coming from one of our official domains or a phishy-looking one? 

 

While at it, can you forward me a screenshot of this so I can get a visual too?

 

Thanks!



Walter
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below.
Still stuck? Ask me a question!
Tips & Tricks Find new ways to stay in flow or share your tips on how you work smarter with Dropbox.

Highlighted

Re: Phishing Attack

Explorer | Level 4

Finley Finn - Dropbox.jpg

 

Highlighted

Re: Phishing Attack

Dropboxer

This seems to be a legit email sent by us, due to a file being shared with you via a file transfer, Kevin. 

 

Since you've already forwarded this to the abuse@dropbox.com email address, there's not much more I can suggest at this point as this will be investigated by the relevant team and while you won't receive a reply, the links will be analyzed and taken down in a timely fashion, if applicable.

 

In the meantime, perhaps, you could create a rule in your email service to have those emails forwarded in your junk or spam folder, but this would fall outside of our remit. 

 

 I know it's not much, but I hope this helps to some extent. 



Walter
Community Moderator @ Dropbox
https://dropbox.com/support


Heart Did this post help you? If so, please give it a Like below.
Still stuck? Ask me a question!
Tips & Tricks Find new ways to stay in flow or share your tips on how you work smarter with Dropbox.

View solution in original post

Highlighted

Re: Phishing Attack

Explorer | Level 4

Spam that appears to come from my email with Dropbox link sent to all my contacts:

I am looking for help with a similar phishing problem and posted several hours ago in "Community", but I don't see my message in the recently posted section. I am new to this and had to hunt around to find it, so sorry if this is the wrong way to do it. Anyway, mine is in my personal AOL email, but it seems to be going to everyone in my contacts. Someone sent a fake dropbox link to all of my email contacts this morning. It took me hours to figure it out and recover all of my contacts. I changed my password on both my email and dropbox account. How did they get my info? They wiped out my contacts, but I figured out how to get them back.  But I don't know how to notify everyone who got it that it was spam. When someone tries to reply to it, it goes directly into my deleted mail folder, but at least I can see it there.

Highlighted

Re: Phishing Attack

Explorer | Level 4

@CamiK Try looking to see if there is a rule set in your email that is sending everything to the deleted mail folder. I have seen this a few times with our Office 365 setup. 

Highlighted

Re: Phishing Attack

Explorer | Level 4

You are right, Kevin. There are three filters in my AOL settings that I did not create. All 3 are set up to go directly into my "recently deleted" folder. I was able to edit the criteria and actions but cannot get rid of the filters.  They must have been set up by the hacker/spoofer. In any case, I fixed it enough so it shouldn't be a problem. Thanks for the suggestion.

Work Smarter with Dropbox

The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.

Sound good? Let's get started.
Who's talking

Top contributors to this post

What do Dropbox user levels mean?
Need more support?