Information Security

Dropbox Spoof

Last modified 2/25/2025


What is Dropbox Spoofing?

Cybercriminals are increasingly using file-sharing services like Dropbox, Google Drive, and OneDrive to distribute phishing payloads. These scams often impersonate trusted sources, like HR departments or colleagues, and trick recipients into clicking malicious links or providing login credentials.

How the Scam Works

  1. Fake HR Notification
    • The email appeared to come from an HR department, referencing a pay increase pending employee approval—a tactic designed to create urgency.

  2. Deceptive Sender Information

  3. External Email Warning
    • The email was flagged as originating outside Illinois State University, a security measure that alerts users to potential fraud.

  4. Malicious Dropbox Link
    • Instead of an actual pay increase document, the email contained a Dropbox file-sharing link that likely led to a fake login page designed to steal credentials.

  5. Poor Formatting & Grammar
    • The email contained multiple typos and awkward phrasing. This is a common red flag in phishing emails.

How to Stay Safe

Do NOT click on unexpected Dropbox links. If you receive an unsolicited file share, verify with the sender through a separate communication channel.

Check the sender’s email address. If the message claims to come from HR but the address is on a generic webmail service or an unfamiliar domain rather than your organization’s, it’s likely a scam.

Look for external email warnings. Many organizations flag messages from outside their network to help detect phishing attempts.

Manually verify the file. If you think the file might be legitimate, log into Dropbox directly (without clicking the email link) to check if the document exists in your account.

Report phishing attempts. If you receive a suspicious email, report it to your ISO to help protect others.
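The red flags listed under "How the Scam Works" and the checks under "How to Stay Safe" can be turned into a simple mail-filter heuristic. The following is an added example written for this page, not Illinois State University's own tooling: it parses a raw email, and flags an external sender, a display name claiming an HR or payroll role, a file-sharing link, and urgency language about pay. The organization domain (example.edu) and both sample messages are constructed for illustration; the file-sharing host list and the phrase patterns are assumptions chosen to match the lure described above.

```python
"""Heuristic checker for the Dropbox-spoof phishing pattern described on this page.

Added example (not ISU's tooling). It scores one raw email message against the
red flags listed above. ORG_DOMAIN, the host list, the phrase patterns and the
sample messages are all constructed/assumed for illustration.
"""
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

ORG_DOMAIN = "example.edu"  # assumption: the organization's own mail domain

# Hosts of the file-sharing services the page names (plus a OneDrive short-link host).
FILE_SHARE_HOSTS = ("dropbox.com", "drive.google.com", "onedrive.live.com", "1drv.ms")

# Phrases matching the "pay increase pending approval" lure (assumed patterns).
URGENCY_RE = re.compile(
    r"pay (?:increase|raise)|pending (?:your )?approval|within \d+ hours", re.I
)
# Display names that claim an internal role; word-bounded so "Chris" does not match "hr".
INTERNAL_ROLE_RE = re.compile(r"\bhr\b|human resources|payroll", re.I)
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)


def is_external(addr, org_domain=ORG_DOMAIN):
    """True when the address domain is neither the org domain nor a subdomain of it."""
    domain = addr.rpartition("@")[2].lower()
    return domain != org_domain and not domain.endswith("." + org_domain)


def is_file_share_url(url):
    """True when the URL's host is one of the file-sharing services (or a subdomain)."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == h or host.endswith("." + h) for h in FILE_SHARE_HOSTS)


def score_message(raw, org_domain=ORG_DOMAIN):
    """Return the red flags found in one RFC 5322 message plus a simple count score."""
    msg = email.message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body is not None else ""
    urls = URL_RE.findall(text)

    flags = []
    external = is_external(addr, org_domain)
    if external:
        flags.append("external_sender")        # what the "external email" banner reacts to
    if external and INTERNAL_ROLE_RE.search(display):
        flags.append("claims_internal_role")   # outsider posing as HR / payroll
    if any(is_file_share_url(u) for u in urls):
        flags.append("file_share_link")        # verify in Dropbox directly, not via the link
    if URGENCY_RE.search(str(msg.get("Subject", "")) + " " + text):
        flags.append("urgency_language")
    return {"sender": addr, "flags": flags, "urls": urls, "score": len(flags)}


# Constructed sample resembling the HR pay-increase lure (addresses and link are fake).
PHISH_SAMPLE = """From: "Human Resources" <hr.notice@mail-notify-example.net>
To: staff@example.edu
Subject: Pay Increase Pending Your Approval
Content-Type: text/plain; charset="utf-8"

Your pay increase is pending approval. Please review the document here:
https://www.dropbox.com/scl/fi/placeholder/PayIncrease.pdf?dl=0
Kindly confirm within 24 hours.
"""

# Constructed benign internal message for comparison.
LEGIT_SAMPLE = """From: "Payroll Office" <payroll@example.edu>
To: staff@example.edu
Subject: Reminder: timesheets due Friday
Content-Type: text/plain; charset="utf-8"

Timesheets for this period are due Friday. Submit them in the usual portal.
"""

if __name__ == "__main__":
    for raw in (PHISH_SAMPLE, LEGIT_SAMPLE):
        print(score_message(raw))
```

Running the script prints the phishing sample with all four flags and the internal reminder with none. The score is only a triage aid: a single flag such as external_sender is normal for legitimate vendor mail, so a real filter would weight the flags and route high scores to review rather than block outright.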

Final Thoughts

Dropbox spoofing is a growing threat, but awareness and caution can prevent attacks. Always double-check unexpected file-sharing requests, especially when they involve urgent financial or personal information. When in doubt, report and verify—don’t get hooked by phishing scams!