Documents

now browsing by tag

 
 

#cybersecurity | #hackerspace | Dropbox Phishing Scam: Don’t Get Fooled by Fake Shared Documents

Source: National Cyber Security – Produced By Gregory Evans

Hackers use familiar brands like Dropbox to steal login
credentials and spread malware

It’s funny how hackers, phishers, and scamsters can be blatantly obvious and inexplicably unpredictable at the same time. I’m saying obvious because they target the most widely used services/platforms and lots of users know what they’re up to — not just security professionals, but many ordinary users know about these phishing scams and what to look for. Phishers might be predictable in going after big names but it’s the unpredictability in their approaches that makes them tick. Time after time, they come up with new ways that help them achieve exactly what they want and make them “successful.” The Dropbox phishing scam is a perfect illustration of this.

The Dropbox phishing scam surfaced around a
year ago and made headlines in many popular publications. It hasn’t gotten as
much attention recently, but even after a year, attackers are still targeting
users using this same-old trick. And therefore, you need to know about it.

Let’s hash it out.

Dropbox Phishing: It All Starts
with a Simple Email

This is how it all starts: You receive an
email (either text or HTML-based) from a person saying they have shared an
important document with you. The email looks a lot like an official Dropbox
email and has a link to access the document. To make it look authentic, some of
these emails include actual links to Dropbox in the footer of the email. These
are links to Dropbox’s Terms of Service, Privacy Policy, and Help Center.

Here’s a pretty simple example:

Check the “From” Details Carefully

As you can see in the screenshot above,
this phish email has “Dropbox” as its sender’s name. It’s easy to fall prey to
this as the sender name and the email style make it look like an actual Dropbox
email.

However, if you look closely, you’ll see
that the from email address and the embedded link are clearly not Dropbox.

However, if you’re skimming through your
email (as many of us do), it’s easy to fall for this Dropbox phishing scam.
Once you click the link, the URL takes you to a web page that looks almost
exactly like an actual Dropbox login page.

More advanced Dropbox phishers take the
scam to the next level…

Check URLs Carefully — Even If They Include “Dropbox”

Some Dropbox scammers are carefully picking
URLs that look official at first glance.

For example, they will include common keywords such as “Microsoftonline” or “Dropbox” in the domain or subdomain to make it look like a genuine domain:

  • dropbox.secure.somedomain.com
  • login.microsoftonline.com.someotherdomain.com
  • secure.dropboxsharing.somethingelse.com
Email Security Best Practices - 2019 Edition

Don’t Get Phished.

Email is the most commonly exploited attack vector, costing organizations millions annually. And for SMBs, the damage can prove fatal: 60% fold within 6 months of falling victim to a cyber attack. Don’t be one of them.

HTTPS URLs Aren’t Always Safe

And the cherry on the top is how phishers
use fake HTTPS URLs. So, the link that you’re being redirected to isn’t an
HTTPS link. It has HTTPS in the link text, but not as the protocol. If an SSL
certificate protects a website, it will look like this: https://www.(website name).com/. The
fake Dropbox URL looks like www.https-(fake website
name).com. See the difference?

Another trick that phishers have recently adopted is using an HTTPS website. No, the previous sentence doesn’t contain any technical error; it’s a fact that most phishing websites feature HTTPS now. In such cases, users are more likely to fall for it as they’re trained to look for that secure padlock.

Phishers are a Poor Man’s Magicians: Here’s How to Catch Them

What do magicians and phishers have in common? Well, they both take advantage of our psychological limitations to distract us and make us look where they want us to.

However, the silver lining here is that the
phishers are far from good magicians. A great magician can take their secrets
with them to the grave. But with a bit of concentration and training, you can
catch almost every phisher.

So, here’s how you can CATCH the PHISHers
(Got it 😉 ?).

Check the Email Address

First of all, you should always check the email address of the sender. Is the email sent by someone you know? Is the email coming from Dropbox’s (or any service provider’s) list of official domains? This is the first thing you must check, and you should not proceed further if the email is not familiar and/or it’s been sent from a domain that’s not been mentioned in Dropbox’s list of its official domains.

In my
experience, doing this one check will protect you from most email phishing
attacks as hackers shouldn’t have access to Dropbox’s official domains.
However, you should be cautious even if the email appears to be from an
official Dropbox domain as some email servers are not configured to check
SPF/DKIM records, so spoofed emails will be let through.

Check the Link URLs

If the email
passes the first security check, then you should check the links in the email:

  • View the web page in your
    browser and check for “https” at the start of the URL. It should look like https://www.(website name).com/. (Note: Google Chrome
    hides the https:// until you double click in the address bar.)
  • Once this check is done, you
    should again go back to Dropbox’s list of official domains and then check if this
    domain is on the list.
  • To double-check the
    authenticity of the website, you should also check the SSL certificate Dropbox
    uses. As you can see in the screenshot, Dropbox.com is protected by a DigiCert
    EV (extended validation) SSL certificate and this certificate has been issued
    to Dropbox, Inc.
Graphic: Avoid Dropbox phishing scams by checking validity of URLs and site SSL certificates

Extended validation
means that the certificate authority (DigiCert, in this case) did an extensive
verification of Dropbox, Inc before issuing the certificate. This way, you can
be sure that the website you’re on actually belongs to Dropbox.

Quite simple,
isn’t it?

What Could Happen If You Fall Victim to the Dropbox Phishing
Scam?

Dropbox stores
the data of more than 500 million users and 200,000 businesses, and it’s the
most significant cloud sharing and storage company in the world. Putting a
malicious file in just one employee account could be a brutal blow to the
privacy of an entire organization. And it’s not just the privacy, but the
existence of a business could be at stake—that’s a good enough reason to take
your Dropbox security pretty seriously, don’t you think?

Unfortunately, that’s not where it stops. A phisher who has taken complete control over your account and associated data using malware could demand a significant ransom if you want your account back. In technical terms, this is called ransomware.

The consequences of Dropbox phishing could be even more brutal if you’re one of those persons who uses the same password pretty much everywhere. Every bit of information you have on the internet could be in the hands of the attackers. Just think about it!

Hackers may also
scan your account to automatically find valuable data in your saved documents.
This could include customer data, payment details, login credentials for other
platforms, or anything else you might have that’s sensitive.

Last Word on Dropbox Phishing

All scammers — whether in the real world or online — take advantage of our human limitations. Either they make us see and feel something that isn’t there, or maybe they give us some lucrative incentive to distract us (we’ve all heard of the Nigerian Prince scam, haven’t we?). With a little bit of awareness and concentration, you can be a step ahead of all the phishers.

Tip of the day: Remember to look where you want to, not where they want you to.

Recent Articles By Author

*** This is a Security Bloggers Network syndicated blog from Hashed Out by The SSL Store™ authored by Jay Thakkar. Read the original post at: https://www.thesslstore.com/blog/dropbox-phishing-scam-dont-get-fooled-by-fake-shared-documents/

Source link

The post #cybersecurity | #hackerspace |<p> Dropbox Phishing Scam: Don’t Get Fooled by Fake Shared Documents <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Cowboys Casino hackers dump hundreds of documents with customer payouts, personal information

Source: National Cyber Security – Produced By Gregory Evans

Cowboys Casino hackers dump hundreds of documents with customer payouts, personal information

Personal information along with the gambling habits and payouts of hundreds of patrons of Calgary’s Cowboys Casino have been dumped online by hackers, a year after a massive cyber attack. On Sunday, thousands of files purportedly containing the personal information of patrons, customer payouts, tracking of gambling habits and the…

The post Cowboys Casino hackers dump hundreds of documents with customer payouts, personal information appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Snowden Documents Prove “Shadow Brokers Hacked The NSA

washington-dc-february-9-national-security-agency-director-adm-michael-rogers-testifies-bef

Source: National Cyber Security – Produced By Gregory Evans

Snowden Documents Prove “Shadow Brokers Hacked The NSA

New documents confirm that a hacking group calling itself the Shadow Brokers has indeed managed to steal “cyber weapons” from the National Security Agency.
The classified top secret documents, which were published by the Intercept this morning, were leaked by

The post Snowden Documents Prove “Shadow Brokers Hacked The NSA appeared first on National Cyber Security.

View full post on National Cyber Security

NSA Targeted Chinese Firewall Maker Huawei, Leaked Documents Suggest

download (20)

Source: National Cyber Security – Produced By Gregory Evans

NSA Targeted Chinese Firewall Maker Huawei, Leaked Documents Suggest

When the mysterious Shadow Brokers dumped a cache of hacking tools used by an NSA-linked group last week, researchers quickly identified a number of the spy agencies’ targets, including American security companies like Cisco, Juniper, and Fortinet.
But until now,

The post NSA Targeted Chinese Firewall Maker Huawei, Leaked Documents Suggest appeared first on National Cyber Security.

View full post on National Cyber Security

Renacci bill would prevent identity theft resulting from Social Security Administration documents

timthumb

Source: National Cyber Security – Produced By Gregory Evans

Legislation introduced by U.S. Rep. Jim Renacci (R-OH) on Wednesday would prevent identity theft by requiring the Social Security Administration (SSA) to remove Social Security numbers from mailed documents whenever possible. The Social Security MAIL Act, H.R. 5320, introduced by Renacci and U.S. Rep. Sam Johnson (R-TX), would require the SSA to remove unnecessary Social […]

The post Renacci bill would prevent identity theft resulting from Social Security Administration documents appeared first on National Cyber Security.

View full post on National Cyber Security

Court documents reveal details in severe Gloversville child abuse case

A Gloversville couple appeared in court on Wednesday after what police called one of the worst child abuse cases they’ve ever seen.

Police said 27-year-old Hali Waight let her son go more than 24 hours without medical help after her boyfriend allegedly beat him. Court documents claim 20-year-old Jose Acevedo threw the 2-year-old boy against a wooden dresser and a bedside table that caused fractures, bleeding, vomiting and severe abdominal trauma.

The case saddened local child advocates.

“Frustrated and sad,” former director of CASA of Fulton & Montgomery Counties Linda Burns said. “A child should never have to endure this.

Read More

The post Court documents reveal details in severe Gloversville child abuse case appeared first on Parent Security Online.

View full post on Parent Security Online

Snowden Documents Reveal AT&T’s “Extreme Willingness to Help” NSA Domestic Spy Program

Source: National Cyber Security – Produced By Gregory Evans

Documents from NSA whistleblower Edward Snowden have exposed how extensively the NSA relied on telecommunications giant AT&T for its vast spying operations. Records described by The New York Times and ProPublica laud AT&T’s “extreme willingness to help” the NSA’s spying efforts. According to the piece, the company supplied access to billions of emails flowing across its domestic networks and technical aid in carrying out a secret order allowing the wiretapping of all Internet communications at the headquarters of the United Nations — an AT&T customer. In 2013, the NSA’s top-secret budget for its partnership with AT&T was reportedly more than twice that of the next largest such program. Source: https://www.freespeech.org/video/snowden-documents-reveal-att%E2%80%99s-extreme-willingness-help-nsa-domestic-spy-program

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Snowden Documents Reveal AT&T’s “Extreme Willingness to Help” NSA Domestic Spy Program appeared first on National Cyber Security.

View full post on National Cyber Security

Documents: Arizona couple arrested, accused of having sex with 15-year-old girl

PHOENIX – A Phoenix couple is behind bars for allegedly having sex and doing drugs with a 15-year-old girl numerous times over four months.

Alonso Caufield, 25, and his girlfriend, Chelsea Coratolo, 23, were arrested Monday at their home near 19th Avenue and Cactus Road.

According to a police report, Coratolo asked the 15-year-old girl to “pleasure” her boyfriend because she was having her menstrual cycle and couldn’t. This arrangement lasted from October 2014 to February 2015.

Authorities said the victim told a counselor about the incident, who then notified police.

The victim told police the suspects gave her methamphetamine and marijuana and they would all take the drugs together.

Read More

The post Documents: Arizona couple arrested, accused of having sex with 15-year-old girl appeared first on Parent Security Online.

View full post on Parent Security Online