Dropbox Phishing Campaign Delivers Bogus Invoices

Dropbox Phishing Campaign Delivers Bogus Invoices

Cloud storage giant Dropbox is once again at the center of a security issue—through no fault of its own.

Cyber-criminals have mounted a malware-based phishing blast that attempts to impersonate itself as a Dropbox notification email. Considering that millions of users turn to Dropbox on a weekly if not daily basis to store files and share documents with colleagues, chances are high that the bogus mails end up being effective—unless the would-be victim examines the note carefully.

According to AppRver, the phishing email alerts the recipient that they’ve received an invoice file and must download it via the link provided. The message claims that the invoice is for work completed for language translation. Additional elements that were dead giveaways for the campaign are the spoofed sender’s address, source-sending servers and the language used in the message.

When a user clicks on the link within the email, a zip archive file is almost immediately downloaded to the computer.

“The download link within the message is an exploited SharePoint URL where the .zip file is stored. From the live samples we’ve seen, it appears that this is an isolated source of the malware and that it hasn’t spread to other SharePoint sites,” AppRiver said in a threat notice.

DomainTools and Osterman Research shared a recent report with Infosecurity that shows that phishing campaigns like this one are up several hundred percent this year—and all too often, those campaigns are delivering ransomware. These have permeated the enterprise, with 73% of organizations experiencing some type of cyberattack in the past year. As a result, CISOs and IT professionals cite phishing and ransomware as the top two security concerns impacting businesses of all sizes.

The report said that 51% of C-level and IT execs have experienced between one and five phishing or ransomware incidents in the past year, while nearly a quarter have experienced six or more. There are now 4,000 ransomware attacks occurring daily, a 300% increase from 2015, the report found.

Photo © Gwoeli

Source: Information Security Magazine