Uh-Oh, Sounds Like There's Another Dropbox Email Scam Hitting Inboxes
The internet can be fun, but it also is just another avenue for hackers to scam you. If you have an email or social media account, you probably are already aware of the basic do’s and don’ts; don’t click on suspicious links, don’t give anyone personal information and don’t share too much online. But a newer Dropbox scam might make it harder to discern whether it’s a scam or not.
Hackers can get creative and sometimes have such elaborate scams that even the most careful online user or the most cautious person can get duped. So here’s what you need to know about the most recent Dropbox scam and what to do if you receive one of these suspicious emails.
Related: How To Block 'Scam Likely' Calls
What is this new Dropbox scam?
On Aug. 4, Dropbox released a blog post warning users (and anyone with an email, really), about what to do if someone you don’t know shares a file with you.
As they wrote in another post, links or downloads from senders you don’t know can be an example of phishing attacks and scams. Just like we’re warned not to open random links that are texted or emailed to us, a Dropbox link is no different. Phishing is a scam that tries to trick you into giving hackers sensitive, personal information. This can also take the form of scammers pretending to be your bank, asking you for your password to your accounts.
Hackers can disguise a malicious, phishing link to look like a Dropbox link or download. Once you click it, instead of being from the real site, it is actually a gateway for them, giving them permission to access your computer or email account.
Essentially, this new scam involves either a fake email from Dropbox with links, or a Dropbox link or download from an unknown sender trying to gain access to your computer or to your private information.
Related: 12 Puppy Scam Red Flags
What is Dropbox’s official email address?
First off, if someone is pretending to be the company, Dropbox, make sure the email you’re receiving is from them. Here's how:
Check the domain the email came from
The official website for Dropbox is www.dropbox.com. Don’t log in or give information to any other site.
Check the email it came from
Another dead giveaway is if the suspicious email didn't come from an official Dropbox account. The official emails used by Dropbox are:
From employees, staff or service-related emails, that use the domains: docsend.com, dropbox.com, dropboxmail.com, em-s.dropbox.com, em.dropbox.com, or dropbox.zendesk.com
Anything that’s related to Dropbox for business comes from emails with the domains: dropbox.com or dropboxpartners.com
Anything that has to do with promotional topics or tips from Dropbox comes from emails ending with: docsend.com, dropboxmail.com, em-s.dropbox.com, em.dropbox.com, or dropboxteam.com
There are a ton of other verified Dropbox domains on their website too, which can get really confusing. So if you’re ever unsure and don't see it above, Google the email’s domain (the website that comes after the @). Don’t go to that site, in case it is phishy or scammy, but Googling it can help you figure out if it’s official.
Related: Don't Fall For This Viral Facebook Privacy Hoax
What should you do if you receive a Dropbox file from an unknown sender?
If you do receive a Dropbox email or link from a fake Dropbox account or from an unknown sender, of course, do not click the link. It’s a good general rule of thumb to never click links from people you don’t know, or if it looks suspicious (because real people and real addresses can get hacked, too).
If you suspect it is a virus or phishing scam, forward the email to [email protected]. They’ll take it from there to investigate the matter.
Again, Dropbox stresses that even if it’s a real Dropbox link or Dropbox notification, do not view or download the file or accept a shared folder invite if you don’t know the sender. They suggest just deleting it or declining the invite.
Next up, here's what you should know about the Rich Grandma Scam and how to protect yourself from it.