Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

A Phishing Email Campaign Recently Exploited Dropbox


According to security firm Symantec, file storage service of Dropbox was employed for a tricky phishing campaign although the service (referring to Dropbox) was quick to shut it down.

The scam consists an email entitled "Important" notifying that the recipient has he has been dispatched a document which is too huge to be electronically emailed or cannot be emailed owing to security reasons. The email asserts that the said document can be seen by clicking on a link enclosed within the message but the link opens a bogus Dropbox login webpage hosted on Dropbox itself.

The phony login page is hosted on user content domain of Dropbox (like shared images and other files are) and is given over SSL which makes the attack more convincing and dangerous.

The page looks similar to a genuine login page of Dropbox with only one major difference. The cybercriminals are interested in phishing more than just credentials of Dropbox; they have also involved logos of renowned Web-based email services indicating that users can login with these credentials as well.

On clicking the "Sign in", credentials of the user are directed to a PHP script on a hijacked Web server. Details are also submitted over SSL (Secure Sockets Layer) which is significant for the effectiveness of the attack without which users would witness a scary security warning.

Csoonline.com published news on 20th October, 2014 quoting an explanation of Nick Johnston, Security researcher of Symantec, as "The warning importance varies from one browser to another; some browsers simply alter the padlock symbol highlighted in the address bar while others consist of a small banner at the peak of the page but users may not see these security warning or the associated implications."

Earlier this year, criminals used shortened URLs to direct victims to phishing domains which requested many types of credentials like the campaign which Symantec has now detected.

Only one landing page requested Gmail, AOL, Yahoo, Live, Windows or any other account as per their wish via an option labeled "Other emails". The landing pages were designed to mimic Microsoft's OneDrive, Facebook, Google Docs inspite of re-launching of the service under the brand name of Google Drive.

ยป SPAMfighter News - 10/28/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next