Here is another phishing email I received. It said it was from an individual Dropbox account.
How do I know it wasn’t genuine? What are the red flags for this?
- I don’t recognize the sender.
- I wasn’t expecting a file. Usually the sender will have communicated with the recipient about the file before sending.
- The email address for the sender is not as would come from Dropbox. When I send a file to someone the email from address is: James via Dropbox <email@example.com>
- The email is not addressed to you. Sometimes the email address will be similar to yours and your email server has sent it to you since it is so close.
- When I hover over (DON’T CLICK) on the link “Click here to view”, the link should look something like this. “https://www.dropbox.com/s/67zpxup9mrhut5t/IMG_0121.JPG?dl=0” Notice the difference in the image. The link doesn’t even contain Dropbox.
- I received a number of supposed Dropbox shares in the same day, with different names, but all using the same subject line with the same “file” for me to look at. I actually received the same email 4 times in half and hour.
What to do if you receive an email like this.
- DON’T CLICK ON ANY LINKS IN THE EMAIL. This includes any pictures or files. Your email program may block these by default.
- Verify whether you know the sender. If you do, but you still suspect phishing, open a NEW email and ask the sender if they sent the email with the attachment. If they didn’t it’s quite likely THEIR email account has been hacked.
- Delete the email. You can also go to your trash or deleted items folder and permanently delete it for an extra measure of safety.
- Keep aware that the “phishers” are quite sly and will keep on trying to dupe you into opening their garbage. When in doubt don’t open, and contact someone you trust who can advise you.
- If you are suspicious, just don’t open it. Don’t be fooled by logos or slogans from valid companies since thes can be used by spammers as well.
- Keep your virus and anti-spam software up to date. Make sure you have email scanning enabled in your software. Most internet security software enables this by default.
- Stay safe and have a great day.