Dropbox is an extremely popular online file sharing service with something like 175 million users. And it’s now being targeted by cyber criminals who are using well-known malware to try and steal financial details.
Dropbox users are receiving emails that say they need to reset their passwords. The email contains a message that says existing passwords are ‘dangerous.’ It contains a link that leads to a page saying the user’s browser is out of date and they need to update it. If anything is clicked in the page a Trojan file is unwittingly downloaded.
It’s a fairly crude attempt to get somebody to download the Trojan. However, with 175 million users the crooks must be hoping to snare at least some people, which will most probably have their identity stolen and then sold on the Deep Web.
Online identity theft
A similar scam has been targeting Yahoo email users recently. It uses the same method, in that users receive an email saying this is their last opportunity to change their password. It then takes users through to an infected web page.
The Trojan is a member of the Zeus malware family. Zeus and its variants have been around a relatively long time. It was first identified in 2007 and within two years became prolific. It is designed specifically to steal financial information.
According to some information sources in 2010 the credit card details of 15 major US banks were compromised by Zeus. In the same year the FBI said it had discovered a major cyber criminal gang who had used Zeus to steal about $70 million.
Identity theft protection
The fact that Dropbox is now being targeted by Zeus Trojans is a blow for the company. Dropbox has many ‘enterprise’ and ‘SME’ users and there’s sure to be quite a few who strike it off their application lists to avoid their networks becoming infected.
If you’re a Dropbox, or Yahoo email user, beware of these emails asking you to change your passwords. Ask yourself, ‘did you request a password change?’ If not, it’s probably a scam, an attempt to steal your identity and your financial data.
If you’ve got BullGuard protection on your system, you’ve already got good identity theft protection in place and the threats will be flagged up, but please still be mindful.
Posted by Steve Bell