Cybersecurity experts have issued a stark Dropbox warning following a rise in phishing scams designed to steal your data data. Here’s what to do if you accidentally click on a malicious link.
Dropbox users risk having their sensitive data being stolen following a concerning spike in phishing scams. More than 700 million people use the file hosting service, which allows you to store data and share content through shared links, folders, and ‘Dropbox Transfers’. It’s a handy way to organise your files while clearing memory from your device, and provides a ‘disaster-proof’ way to recover anything from your account up to 30 day after it’s been deleted.
But, cybersecurity experts over at Proxar warn scammers are posing as trusted individuals or organisations, such as colleagues, vendors, or service providers, to ‘lure recipients into opening malicious links’. This can result in information such as your passwords and images being obtained by criminals, and possess a serious threat to both individuals and companies.
Common tactics being deployed by scammers include fake file-sharing request, fraudulent order confirmations, fake Microsoft 365 credentials requests, as well as two-stage spear phishing. The last technique is where scammers first build rapport with a harmless email, followed by a second email urging the recipient to log in via a fake Dropbox link.
Proxar have therefore urged all Dropbox users to remain ‘vigilant’ and spot the warning signs of phishing emails. Examining the email address closely for unusual characters or non-Dropbox domains is a good starting place. Some scammers will use an email very similar to the company it’s trying to imitate, such as ‘micr0soft’.
“Phrases like ‘Your account will be locked’ or ‘Immediate action required’ are common scare tactics,” the ace’s added. Poor grammar and spelling mistakes can also be a huge giveaway, and remember – Dropbox will never ask for personal information or login credentials via email.
Dropbox scams – how to avoid
- Enable Two-Factor Authentication. You can learn exactly how to do this here.
- Verify Email Authenticity. Remember, emails claiming to be from Dropbox use the official domain, “@dropbox.com”
- Use Strong, Unique Passwords. Password123 isn’t going to be hard to hack.
- Limit Sharing Permissions. Only share files with trusted individuals and use ‘view-only’ permissions when possible
- Keep your Antivirus Software up to date.
“Unfortunately, phishing scams are becoming increasingly sophisticated, exploiting trusted brands like Dropbox to people’s personal information,” a spokesperson at Proxar said. “The key to avoiding these attacks is vigilance. Always verify links and emails before taking action, and enable strong security measures like two-factor authentication.”
If you think you’re being targeted by scammers, make sure you do not click any links or download any attachments. Doing so could transfer your personal data. You should report the email via Dropbox’s ‘Report Phishing’ option and immediately change your password if you accidentally clicked a link you’re not sure about.
Have you been targeted by the Dropbox scam? Email liam.gilliver@reachplc.com for a chance to share your story
