Update: Rackspace security contacted me and assures me that this particular Web site is not hosted on their service, just spoofing this prompt to make it seem more legit. More interestingly, it’s apparently a site hosted at Rackspace, so Rackspace pops up a login prompt: Where do I end up? Surprisingly, not at a Dropbox login screen mockup but on a server associated with the domain : Still, let’s say I’m spacing out and click on the link redirect.
cx? That’s Christmas Island (no kidding!), which is most assuredly not where Dropbox would send me to retrieve or view a document if this were a legit email message!
That’s not so it’s immediately highly suspicious. The biggest tell is from moving the cursor over the “View document here” button: My email program shows the destination URL as a pop-up window: More weird is that the font isn’t quite right because the entire message body is an image which is not at all how Dropbox sends and formats its email. Looks pretty legit, right?īut look more closely and you’ll realize it doesn’t reference a sender or know me by name even though I have a Dropbox account. Let’s dig into this particular phishing attempt to see how it works… Independent of all of that, however, check the link before you click! One telltale is that it doesn’t come from someone you know and doesn’t reference your name directly, but there are often misspellings and other quirks too. The challenge is to be suspicious enough to look closely before you click! In my experience, just about all phishing attacks – which are invariably via formatted email with company logos, etc – have one or more things that aren’t quite right. It’s an email that you received that isn’t from Dropbox at all, but is from a hacker or other ne’er-do-well who wants you to reveal your Dropbox account credentials unsuspectingly. Like parents would say to a child before they head off into the jungle or the police chief says to her officers at the end of morning briefing: “be careful out there!” That’s exactly my recommendation to you too with everything online, because what you’ve encountered is what’s known as a phishing attack.
0 kommentar(er)
