Dropbox is being used by hackers to distribute malware.
Researchers claim cybercriminals are leveraging legal cloud storage and backup services to ensure that their infected files reach recipients’ inboxes.
The researchers called the practise Business Email Compromise (BEC) 3.0. They believe email service providers have become much more adept at identifying and filtering fraudulent communications.
Hackers have started leveraging genuine cloud services, particularly ones that provide free trial accounts, to get past this. They would set up a free account on a website like Dropbox and use that account to send their target email with a malicious link. Email security providers have little choice but to allow the message to enter the inbox. As the email is coming from a reliable source and a well-known domain.
Utilising Dropbox improperly
Check Point gave an illustration of how the attackers would produce a malicious file and host it on Dropbox. The malicious file link would then be sent to its victims through email using the platform’s built-in sharing capability. The email would reach the victim’s inbox because it isn’t harmful in and of itself.
If the victim opens the file, a login form requesting their email address and password will appear. The victims would already be providing the attackers with their Dropbox login information in this initial stage. The user would then be sent to a fraudulent URL where they would also be prompted for their OneDrive login information by the attackers.
The researchers stated hackers have thus created two potential breaches, using a legitimate site. They will get your credentials and then possibly persuade you to click on a malicious URL. That’s because the URL is genuine in and of itself. The issue with the website is its content. You’ll see that the hackers created a mockup of a OneDrive-looking website. Users receive a malware download after clicking the link.
As always, exercising caution and avoiding clicking on unexpected or dubious links and email attachments are the best ways to defend against email-borne assaults.
Looking for email security solutions for your organization? Visit now!