This Dropbox Phish is Not After Your Dropbox Creds

This Dropbox Phish is Not After Your Dropbox Creds

We discovered this fake Dropbox that’s after your email usernames and passwords. All of them if possible, actually.

We suggest that you, dear Reader, forget about the image you wanted to see that resulted to this page loading up and close the browser tab immediately.

As those who are familiar with phishing know, the only end result for anyone who willingly (albeit unknowingly) hand over their digital keys to the wrong hands is more trouble.

Dropfox phish default page

Dropbox phish default page

From the interface, we can infer that this phishing campaign placed priority into getting credentials from Yahoo!, Gmail, Hotmail, and Aol email users. Clicking each logo on the page displays a little window where one can provide their login details.

Clicking the green “Sign In” button leads users to the default login pages of these email services.

If one happens to use the same user name and password combination across his/her online accounts, from cloud storage sites like Dropbox to digital libraries, emails and social networks (clearly a bad practice we should stop doing), it’s very likely that more than one account would get compromised with just a single phishing campaign.

Several security vendors flag this page as malicious as well since they detect a script in it as equally malicious.

Furthermore, we found that the domain where this page is hosted—an official website of a company that is into the trading and wholesale of alloy wheels and accessories—was hacked and defaced in January this year.

We can only assume that either the security issues surrounding the website has not been fully addressed or the issues were never mitigated.

Website admins, may this serve as The Bad Example that you do not want to emulate.

Jovi Umawing


Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.