Image Credit: abnormal
Abnormal reported:
In this case, everything about the initial email is genuine.
It’s a verified email sent from Dropbox’s actual platform. The From address is legitimate—as is every link in the message.
The email claims “Human Resources” has shared a document regarding annual salary increases and open enrollment on Dropbox.
When the target clicks on either “REVIEW DOCUMENT” or “DOWNLOAD DOCUMENT”, they are redirected to a spoofed Microsoft OneDrive portal and prompted to provide their Microsoft login credentials.
It’s a verified email sent from Dropbox’s actual platform. The From address is legitimate—as is every link in the message.
The email claims “Human Resources” has shared a document regarding annual salary increases and open enrollment on Dropbox.
When the target clicks on either “REVIEW DOCUMENT” or “DOWNLOAD DOCUMENT”, they are redirected to a spoofed Microsoft OneDrive portal and prompted to provide their Microsoft login credentials.
Find the original article with additional images of the scam here.
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat
Enroll in Training Sessions: Last Thursday of Every Month is Training on Frauds and New Scam Alerts and How to Combat