This email also attempts to intrigue telling the recipient that a new PO has arrived creates a sense of curiosity. All this serves to elicit a more confident response from recipients who think they are, in fact, viewing a document from the popular file-sharing cloud platform. Several techniques have been employed in this particular email to look like a genuine notification, including the usage of high-quality graphical elements in the phishing page, such as Dropbox’s branding & logo. Interestingly, it is the downloaded PDF, rather than the email that contains malicious links to the phishing page hosted on Google Docs – a technique employed intentionally to bypass email security filters. MailGuard urges all recipients of this email to delete it immediately without clicking on any links. Upon “logging in”, users are finally told that their download “has automatically been saved” to their “Onedrive folder”. Here, users are told to “sign in” to their email accounts to view the document:
Users are informed that “a document has been sent through OneDrive” and are advised to click the “Access Document” button to view it.Ĭlicking the link to access document then takes users to a phishing page hosted on Google Docs titled “OneDrive”. This page looks like a legitimate page from Dropbox, complete with high-quality branding elements and links to Dropbox support pages, as per the below:Ĭlicking the button to “Download” initiates the download of a.
Unsuspecting recipients who click on the link to view file are led to a page hosted on the Dropbox domain. It informs the recipient that a file titled “PO.PDF” was sent using Dropbox Transfer, and that this file will expire within 6 days. The email body contains the Dropbox logo and is designed to look like an official notification from the file-sharing platform. The malicious emails use a display name of “Dropbox”, and are sent from scammers using compromised Dropbox email accounts. MailGuard has intercepted a phishing email scam spoofing Dropbox, a popular file sharing and collaboration platform among business. Confidential business documents such as contracts, legal documents and finance records are commonly passed on from one recipient to another via email, and cybercriminals often use these as trojan horses to deliver malicious attacks.
0 kommentar(er)
