We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.

Forum Discussion

MaryVuozzo1914's avatar
MaryVuozzo1914
New member | Level 2
2 months ago

Phishing email that automatically puts a shared document into Dropbox notifications.

I received an email that was suspicious and actually appeared to be from Dropbox (no-reply@dropbox.com). Subject: XXXX shared "XXXX settlement docs (PA case) with you.pdf" with you.

I even got a Dropbox notification on my phone that someone was trying to share a file with me.

I did not click on the attachment and called the sender. She said her account was indeed hacked.

That, and another file from a phishing email, is still in my notifications. I wasn't able to delete them and accidentally marked both as "read". Also, one of them brought up a Microsoft 365 screen which was part of the phishing scam so someone would put in their credentials and they could be stolen.

Q: How do I one, prevent Dropbox from dumping shared files from emails into my Dropbox account automatically?

Q: And two, how do I remove the notifications for these two phishing emails/files from my Dropbox Notifications? I already cleared the cache and that did nothing. Thank you!

  • Megan's avatar
    Megan
    Icon for Dropbox Staff rankDropbox Staff

    Hey MaryVuozzo1914, welcome to our Community!

     

    First off, I'm glad you knew where to look and how to act when it comes to phishing cases like this one. 

     

    In the initial case that you mentioned, and especially since the account of the sender was hacked the best approach here would be to use this link and report it to us as soon as possible.

     

    Checking the official Dropbox domains is also crucial when it comes to any files and content. 

     

    As for the notifications, there's not much that can be done about this. You can mark them as "Read" but can't actually remove them from the notification panel. 

     

    If you need anything else, let me know more! 

    • MaryVuozzo1914's avatar
      MaryVuozzo1914
      New member | Level 2

      This phishing email actually came from a Dropbox domain though. But the attachment was a phishing scam. The only thing that tipped me off was that the message was too generic and I had not heard from this person for a long time. Any tips on how to tell if an email is phony?

      • Megan's avatar
        Megan
        Icon for Dropbox Staff rankDropbox Staff

        Hey MaryVuozzo1914, it came directly from a Dropbox domain because someone hacked the user's Dropbox account and managed to share content with you. 

         

        You can have a look at the relevant Help Center article, on how to protect yourself from phishing and other viruses. 

About Security and Permissions

Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.

Need more support

If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.

For more info on available support options for your Dropbox plan, see this article.

If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!