Dropbox shuts down phishing scam

Dropbox has shut down a phishing scam aimed at stealing the credentials of its users, according to the security firm Symantec.

Users were sent messages linking to a phoney login page hosted on the official Dropbox site, with scammers claiming they were trying to transfer a document that was either too big or too sensitive to be sent through email.

Nick Johnston, a Symantec staffer, said: "The page looks like the real Dropbox login page, but with one crucial difference.

"The scammers are interested in phishing for more than just Dropbox credentials; they have also included logos of popular web-based email services, suggesting that users can log in using these credentials as well."

Once information was entered into a form it was said to be transferred to a compromised web server, with details being covered with an SSL security certificate in order to increase the attack’s plausibility, as modern browsers often warn against sending non-SSL resources on an SSL-enabled page.

"The prominence of the warning varies from browser to browser; some browsers simply change the padlock symbol shown in the address bar, whereas others include a small banner at the top of the page," Johnston added.

However he said that users might not understand the significance of SSL or respond to warnings messages when it was not being used.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing