Are you receiving these notifications via email, the website, the desktop app, or the mobile app?
Email to the user in their corporate ID.

Is it always from the same user?
Nope, a few cases were reported in which I was involved. In the last two cases, the same notification from a genuine client's name came to 4 people in the same project. However, the recipients were not expecting a file to be shared by the client. The client later confirmed he did not send it.

Is the same .pdf file always mentioned as being shared?
Nope - in fact, both times users were not successful downloading the file. They said the download did not work. When I attempted, the link went to a Dropbox 404 error, which means the page is unavailable.

When users click on it, what happens? Do they get an error?
As above.

The links to download the file below and the email headers indicate a genuine notification.
https://www.dropbox.com/l/scl/AADBoWEWG6uR64Fo-kVSWRc52rYOFUdOp2c
https://www.dropbox.com/l/scl/AABXJAW_pBLrs0AoMsx2hNGscsz1xKMhaks
I am part of the Cyber team in my organisation. We have seen many reports from users around the Dropbox notifications which they receive from users they know, stating that a xxxx.pdf file was shared. Obviously the user clicks on the link but mostly does not get the file as stated, and the URLs are indeed pointing to Dropbox itself. In many cases we have verified that the purported sender hasn't sent a file at all. Looking at the email headers, it appears the email did come from Dropbox (AWS cloud), which is confusing.

Do the experts here have any clue on how these unsolicited emails reach the recipients? It is obvious that social engineering is in play, and most likely, if the file or link happens to be malicious, there are good chances of getting infected. I have raised this a couple of times via cases to Dropbox but unfortunately I have never got an explanation. I would appreciate any input on whether Dropbox admins are aware of this, and advice on how this spamming is successful.