That Dropbox link in your inbox could be a scam

News
By published

Hackers are abusing Dropbox to deliver malware

data privacy
(Image credit: Shutterstock / Zeeker2526)

Cybercriminals are abusing legitimate cloud services to make sure their malicious files make it to people’s inboxes, new research from Check Point have said.

Dubbingthe practice Business Email Compromise (BEC) 3.0, the researchers said email service providers had gotten a lot better at spotting and filtering malicious emails. 

So in order to work around this, hackers have started using legitimate cloud services, especially those that offer free trial accounts. They would create a free account on a platform such as Dropbox, and use that service to send an email to their victim, carrying a malicious link. Given that the email would be coming from a trusted source and a known domain, email security services can do nothing but let the message reach the inbox.

Protecting your business from the biggest threats online

Protecting your business from the biggest threats online
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?) 

View Deal

Abusing filesharing services

In an example, Check Point said the attackers would create a malicious file and host it on Dropbox. They would then use the platform’s built-in sharing feature to email the link to the malicious file to their victims. As there’s nothing malicious about the email itself, the message would make it into the victim’s inbox.

If the victim opens the file, they would be prompted with a login form asking for their email address and password. In this, first step, the victims would already be giving their Dropbox credentials to the attackers. In the next step, the attackers would redirect the victim to a malicious URL, where they’d be asked for their OneDrive login credentials, as well.

Read more

> Dropbox wants to cut down on the number of apps you use at work

> What is phishing and how dangerous is it?

> These are the best firewalls right now

“So the hackers, using a legitimate site, have created two potential breaches: They will get your credentials and then potentially induce you to click on a malicious URL,” the researchers explained. “That’s because the URL itself is legitimate. It’s the content on the website that’s problematic. You’ll see the hackers mocked up a page that looks like OneDrive. When clicking on the link, users are given a malicious download. “

As usual, the best way to protect against email-borne attacks is to use common sense and not click on unexpected and suspicious links and email attachments.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
Hacker Typing
This devious two-step phishing campaign uses Microsoft tools to bypass email security
Illustration of a hooked email hovering over a mobile phone
AWS misconfigurations reportedly used to launch phishing attacks
Best email services: image of email with one unread message alert
Over 400 million unwanted and malicious emails were received by businesses in 2024
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
unblock facebook with vpn
A new Facebook phishing campaign looks to trick you with emails sent from Salesforce
Latest in Security
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Coinbase targeted after recent Github attacks
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Oracle
Oracle denies data breach after hacker claims to hold six million records
Latest in News
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
A phone showing a ChatGPT app error message
ChatGPT was down for many – here's what happened
AirPods Max with USB-C in every color
Apple's AirPods Max with USB-C will get lossless audio in April, but you'll need to go wired
More about security
Lock on Laptop Screen

Medusa ransomware is able to disable anti-malware tools, so be on your guard
hacker.jpeg

Key trusted Microsoft platform exploited to enable malware, experts warn
Microsoft

"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
See more latest
Most Popular
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Ncuti Gatwa as The Fifteenth Doctor in Doctor Who
Disney+ drops new trailer for Doctor Who season 2 that promises an epic adventure across time and space
Cassian Andor looking nervously over his shoulder in Andor season 2
New Andor season 2 trailer has got Star Wars fans asking the same question – and it includes an ominous call back to Rogue One's official teaser
23andMe
23andMe is bankrupt and about to sell your DNA, here's how to stop that from happening
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
hacker.jpeg
Key trusted Microsoft platform exploited to enable malware, experts warn
A screenshot from Indiana Jones and the Great Circle showing Indiana Jones
Indiana Jones and the Great Circle finally gets PS5 release date and I can't wait to don the fedora and crack the whip
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Tuesday, March 25 (game #387)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Tuesday, March 25 (game #653)
Quordle on a smartphone held in a hand
Quordle hints and answers for Tuesday, March 25 (game #1156)