Heads up .. this is important! We are sending this alert to all our customers reminding you to be extremely diligent when receiving this warning.
We all know that historically ZIP files are the attachments to be super suspicious of. Well, now its PDFs as well. We all use PDFs and that’s what makes it easy to embed malicious code and get past our own diligence in an email.
Be advised, we are seeing a huge influx of fake Dropbox notifications with malicious PDFs attached.
- If it is not from firstname.lastname@example.org, it is likely not legit.
- Do NOT open a PDF attachment from any email address you do not know. Dropbox or not!
- Dropbox shares do NOT attach a file to an email. Only link back to Dropbox will be provided. (see below)
Below are examples of legit and fake Dropbox notifications:
Legit Dropbox Notification:
Fake Malicious Dropbox Email:
After seeing a legit Dropbox email .. the above screams malicious. However, we get busy and often don’t take the time to actually look at the details. It is now imperative that you scrutinize ANY and ALL emails with attachments. No technology will prevent human overt-rides. I.E. you click on the link and open the PDF .. it is too late!
Be wary of any attachment from an email you are not familiar with.
Stay Diligent! Shring Support Services