Beware Dropbox Shared File Phishing Emails

Every now and then, I get a phishing email that’s well enough crafted that it’s worth highlighting. Yesterday, I got one purporting to be from Dropbox, alerting me to a file shared by “David.” Well, I know a few Davids, so I wondered who it could be from. But then I used the standard method of checking these emails: I hovered my cursor over the button in the email to see what the link was behind it.

Dropbox phishing

As you can see above, the link went to a server in Denmark (I’ve blurred the name of the server), but the link also has www.dropbox.com in it, trying to trip up users who look at links.

So heed the warning: be very careful about clicking links in emails. This one probably led to a bogus Dropbox login page (the page had been removed when I clicked the link to check it), which would give up your Dropbox credentials, and potentially provide access to a lot of personal files.