cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community
English
Announcements
Want to learn some quick and useful tips to make your day easier? Check out how Calvin uses Replay to get feedback from other teams at Dropbox here.

Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Unauthorized access to my account on 11/4/22

Unauthorized access to my account on 11/4/22

Sandy
New member | Level 2
‎11-08-2022 06:23 AM
Go to solution

A device in Colorado accessed my Dropbox. I changed my password. 

Is it related to the phishing attack?  Can the IP address listed be used to identify the person, or report them?

 

Thanks

  • 0 Likes
  • 3 Replies
  • 1,843 Views
0 Likes
1 Accepted Solution

Accepted Solutions

Sandy
New member | Level 2
‎11-08-2022 06:50 AM
Go to solution

Thank you for the help, and the very quick reply.

 

In troubleshooting, I learned that it was my own phone using a remote IP. I had no idea that was possible. 

When I changed my password and unlinked the "suspicious" device, Dropbox then required a fresh login on my phone.

Now the same device is listed as linked, but with a local IP. Weird.

 

Thanks again.

View solution in original post

0 Likes
3 Replies 3

Rich
Super User II
‎11-08-2022 06:31 AM
Go to solution
@Sandy wrote:

Is it related to the phishing attack?  Can the IP address listed be used to identify the person, or report them?

Any unauthorized access on any server could be related to a phishing attack. Have you clicked any links in email recently and entered your credentials as a result? If so, it could have been due to a phishing attack.

 

The IP address won't tell you anything useful. At most it will only tell you the owner of the IP range (the ISP, not the individual). It does nothing useful for location (my IP address shows a location on the opposite side of the state from where I really am) and it's easily faked (VPN services, etc.).

 

The best thing you can do is to first change your password, which you've done, and then verify there are no unknown devices or active web sessions listed on your Security page. If there are, remove them.

0 Likes

Sandy
New member | Level 2
‎11-08-2022 06:50 AM
Go to solution

Thank you for the help, and the very quick reply.

 

In troubleshooting, I learned that it was my own phone using a remote IP. I had no idea that was possible. 

When I changed my password and unlinked the "suspicious" device, Dropbox then required a fresh login on my phone.

Now the same device is listed as linked, but with a local IP. Weird.

 

Thanks again.

0 Likes

Rich
Super User II
‎11-08-2022 07:19 AM
Go to solution
@Sandy wrote:

In troubleshooting, I learned that it was my own phone using a remote IP. I had no idea that was possible.

Just goes to show how IP information is (mostly) useless. As another example, my phone's IP currently shows its location as New York City, and I'm about 4 hours away from New York.

Need more support?
Who's talking

Top contributors to this post

  • User avatar
    Rich Super User II
  • User avatar
    Sandy New member | Level 2
What do Dropbox user levels mean?