We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
How to protect and prevent "share attacks"
Hello all,
My company has been inundated by Dropbox "share" attacks, where phishers use the Dropbox share function to bypass spam filters and get fake invoices to land in coworker's inboxes. Dropbox will even helpfully send follow-up emails to everyone who hasn't viewed the document yet.
I ran the gauntlet of an escalated support ticket, but that ended with them basically saying I was out of luck because I had no control over that file since it was external and being shared. This was after days had gone by and several people had viewed the malicious document.
Surely there is a better way to prevent/report this attack? Blocking no-reply@dropbox.com isn't really an option since we use dropbox, but there has got to be a better way to get help from Dropbox since it is a scammer's paradise to be able to abuse their service like this.
Any help is welcome! Thanks in advance.
Hi deus_ex_machina!
I'm a product manager on the sharing team.
Thanks for reaching out! We take such issues very seriously and want to assure you that we were already aware of this situation and have taken immediate actions to address it.
Ideally, this won't happen again, but if it does, please use the "Report to Dropbox" feature on the email so we can respond promptly.
Your security is our top priority. If you encounter any further suspicious activity or have additional concerns, please do not hesitate to reach back out.
- Megan
Dropbox Staff
Hey deus_ex_machina, welcome to our Community!
On our end, I'm afraid that we have no such ways in place to "identify" these actions before they happen.
When it comes to securing your account, I'd suggest that you keep an eye out for any suspicious content and emails and that you don't open files when shared from external collaborators.
Of course, our Community & Support is here to help if you come across these types of emails, and cases.
I hope this clarifies!
Megan:
I appreciate the quick reply! It is understandable that Dropbox can't review the authenticity or intent behind every shared document, and removing that feature would negatively impact the platform.The issue is that the attacker can quickly enumerate large lists of targets, and there is a delay between the shares being sent, and Dropbox support responding to my report. Is there any way to get Dropbox to recognize that we are a legitimate company being targeted by an active campaign, and get a more timely response to our reports?
- Megan
Hey deus_ex_machina, would you mind sharing your ticket number with me, in order to review it on our system, please?
