Home » today » World » Warns against Dropbox abuse

Warns against Dropbox abuse

by

– The scam aims to steal your username and password for your Microsoft 365 account. It’s easy to go on because the sender of the scam email is a person you’ve previously contacted by email. This will probably make many people trust the email and perceive it as genuine, download the attachment and provide their login details. They must not do that, warns senior adviser at the Norwegian Center for Information Security (NorSIS), Vidar Sandland, in a press release.

The background is a new scam circulating that abuses the Dropbox name to trick recipients into giving out information.


SCAM: This is what the e-mail scam attempt looks like. Photo: NorSIS
view more

According to Sandland, it may look as if the scam starts with the scammers gaining control of someone else’s email account and then using it to share a PDF attachment via the Dropbox cloud service.

The recipient, who sees that the sender is known and senses peace and no danger, must log in with their own Dropbox account to view the PDF file.

NorSIS explains that the file only consists of an image with a link to a fake login page for Microsoft 365. If you enter your login details here, you have given the information to the scammers and they have potentially full access to your account.

– The security mechanisms will not catch the fraudulent e-mail because it links to a legitimate Dropbox sharing, where the username and password of this service do not go astray, Sandland warns.

TOFACTOR: When you log in to a service, you must approve the login in an app. This increases security considerably. Photo: Pål Joakim Pollen. Video / Reporter: Elias Kr. Zahl-Pettersen
view more

Activate two-factor

If you have experienced this, you should change the password on your Microsoft 365 account. NorSIS also recommends activating two-factor authentication to secure against this type of attack.

– Once the fraudsters have gained access to an e-mail account, it is really only the imagination that sets the limits for what they can do about the damage. It turns out that when we get an email from someone, most of us think it’s actually coming from them, not that scammers are sitting behind and pulling the strings. That is why it is so important to protect your e-mail account with a two-step login, Sandland advises.

Then it is not enough to enter a username and password, but the login must also be confirmed via a one-time code in, for example, the Microsoft Authenticator app.

Related posts:

[국제]China's 'Yanghui Blue' disappears... 'Factory of the world' restarts
Hypé, Russell Westbrook throws an NSFW sentence on the competition!
Court stopped clearing work for Tesla plant in Germany
We shouldn't run here. It's like a nightmare »

Corona news: 464 new infections in Brabant

Copa América: Ricardo Gareca, coach of Peru, angry about the realization of the Copa América in Brazil and the lack of organization of the conmebol: We South Americans do not deserve this

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.