CALL TODAY! +1 212 222 7061
  • Home
  • Contact Us
  • Blog
  • 24×7 Cyber 911 Response
Report incident
  • IR & Forensics
    • Digital Forensics Services
    • Cyber Incident Response Retainer
    • Cyber Incident Response
    • Data Breach Response
    • Digital Forensics
    • Ransomware Response
    • Bitcoin Payments
  • Proactive Security
    • Proactive Cyber Defense Services
    • Managed Threat Hunting & Response
    • Remote Cybersecurity Suite
    • The Daily T.R.U.T.H.
    • Remote Worker Cyber Resilience
    • Post Ransomware Threat Hunting Services
    • Cyber Threat Hunting
    • Penetration Testing
    • Secure Code Review
    • Phishing Attack Simulation
    • Managed Detection and Response
    • Ransomware Protection Package
    • Business Email Compromise
  • Advisory
    • Cybersecurity Advisory Services
    • CISO as a Service
    • Gap Assessment
    • Cyber Resilience & Response
    • Compliance Advisory
    • Cloud Security Advisory
    • Project Management as a Service (PMaaS)
    • Tabletop Exercises
    • Cyber Resiliency Training
  • SecurityScorecard
    • Request a Demo
    • Security Data
    • Security Ratings
    • Market Place
    • Security Assessments
  • Resources
    • Case Studies
    • Technical Tools
    • Technical Guides
    • White Papers
    • Cyber Interviews, Tips & FAQ
  • Company
    • About LIFARS
    • About SecurityScorecard
    • Notable Cases and Evidence Contribution
    • Meet the Team
    • Clients Advisory Board
    • LISIRT – Computer Security IR Team
    • Cyber Alliances
    • Insurance Panels
    • Cyber Events & Webinars
    • Cyber Press Room
    • Career in CyberSecurity
    • Cyber Security Training Videos
    • LIFARS SMS Alerts
    • Hackbits Podcast

Clever Dropbox Phishing Scam

10/20/14

Phishing attacks are commonplace nowadays. While some of them are of amateur make, a recent Dropbox phishing attack is anything but poor of design. The author of this phishing campaign came up with a clever idea, following in the footsteps of his predecessor who pulled off a similar phishing scam using Google Docs and Drive.

HOW DOES THIS PHISHING CAMPAIGN DIFFER FROM THE REST?

According to Symantec, the scam email arrives in a victim’s mailbox with the subject “important.” The email goes on to claim that the victim has been sent a large file that cannot be sent via email for security reasons. Next, the email asks the recipient to pick up the file by clicking on a link that takes him/her to a fake Dropbox login page. Here is where it gets tricky: the fake login page is indeed hosted on Dropbox’s user content domain. The same way as any other file you upload to Dropbox would be hosted. The landing page itself is served over SSL (just like any other file hosted on Dropbox), which further solidifies people’s trust in the page.

There is one major difference between this login page and the real Dropbox page: on the fake page, you also have icons of popular web-based email services, including Gmail and Yahoo mail to give the victims a feeling they can use those credentials for logging in as well. Once the user hits the Sign in button, the credentials are submitted to a compromised Web server over SSL- another critical point in the attack, without which, the attack’s effectiveness would drop sharply.

The page did actually contain some non-SSL resources, such as pictures and style sheets. Users using new Web browsers might have seen a warning that the page contains non-secure content, but it’s likely that a majority of users did not know what this means and dismissed the warnings. The page itself has already been taken down by Dropbox.

 

Related Posts

Share this:

  • Tweet
  • Pocket
  • WhatsApp
  • Email
  • Telegram
  • Share on Tumblr

subscribe for cybersecurity newsletter

LIFARS Cyber Security Training

  • Digital Forensics
    • Computer Forensics Services
    • LISIRT – LIFARS Computer Security Incident Response Team
    • Cyber Incident Response Retainer
    • Cyber Incident Response
    • Data Breach Response
    • Digital Forensics
    • Ransomware Response
    • Bitcoin Payments
  • Cybersecurity
    • Proactive Cyber Security
    • Managed Cybersecurity Threat Hunting & Response Service
    • Post Ransomware Threat Hunting Services
    • The Daily TRUTH
    • Remote Worker Cyber Resilience
    • Penetration Testing
    • Secure Code Review
    • Cyber Threat Hunting
    • Phishing Attack Simulation
  • Security Advisory
    • Cybersecurity Advisory and Consulting Services
    • CISO as a Service
    • Gap Assessment
    • Cyber Resilience Subscription
    • Compliance Advisory
    • Cloud Security Advisory Services
    • Tabletop Exercises
    • Cyber Resiliency Training
  • Resources
    • Case Studies
    • Technical Tools
    • Technical Guides
    • White Papers
    • Cyber Interviews, Tips & FAQ
    • Cyber Events
    • Webinars
    • QuBit Conference
  • Company
    • About Us
    • LIFARS Leadership
    • Alliances
    • Clients Advisory Board
    • Join US!
    • Video Gallery
    • Blog
    • Newsletter
    • Press Room
  • Contact Us
    contact@lifars.com
    (212) 222-7061
    LIFARS, LLC
    244 Fifth Avenue
    Suite 2035
    New York, NY 10001

© 2023 LIFARS, a SecurityScorecard company

  • Privacy Policy
  • Cookie Policy