Dropbox scam making the rounds, here’s how to work out what’s fake

Every so often, a scam or a virus makes its way into the GadgetGuy inbox, and we get to see what other people see, which helps us explain it to you. Today is one of those days, so if you see a Dropbox scam, here’s what not to do.

Don’t under any circumstances get tricked by it.

That’s what not to do, so let’s help you understand how not to get tricked by examining the email scam piece by piece, starting with the scam itself:

That’s an email someone sent our way, and while it looks like a semi convincing Dropbox file sharing email, there are some things worth checking out, so let’s go through this the way a security aware person would.

First, we hover over the link and see what pops up:

The link you see here — which we’ve never seen before — is not Dropbox. Not by a long shot.

Whoever has engineered this hasn’t done much work to hide it, and in other scams, you might see a similar name to Dropbox in the domain — maybe droopbox or drapbox or DRQPBOX, just enough to confuse you.

No, here the scammers have been pretty lazy, and are redirecting you to a site that looks nothing like Dropbox in the name, but will still try and convince you regardless.

Always hover over a link in an email you’re not sure about and check where it’s actually taking you. Just because it has the name of a company you recognise does not mean it’s real.

When we click on the link, here’s what we see:

Well, that looks like Dropbox, but there are some clues to this being a fake.

One is the URL at the top of the screen, which like the link we hovered on before, looks like this:

Another is what happens when we hover over the Dropbox links below, with all of those little menu items below the login screen — Install, Mobile, Pricing, Dropbox Blog, Branding, News, Jobs, Help Center, Get Started, Twitter, and so on and so on — linking to the same URL except with a “#” on the end.

In web terms, a link that ends in nothing but a hash is a placeholder: it either triggers something on the page itself, such as opening a window or an extra function, or it just does nothing at all and leaves you where you are.

If the scam was complicated, the Dropbox links would be just like the regular Dropbox site, and would convince some of us who might be a little more skeptical, but the scammers haven’t done that and are hoping to convince you that this is real by the login screen alone.

And it’s not. This login screen is not part of Dropbox, and chances are if you use Dropbox, you keep your login and password saved, so you have to wonder why it’s not loading here (hint: the answer is it’s not Dropbox you’re looking at).
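The two checks above (which domain a page or link really sits on, and menu links that only lead to “#”) can be run over a saved copy of a suspicious page. This is an added example, not part of the original article; the sample page, the `files.example` and `drapbox.example` hosts, and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "dropbox.com"  # the domain the page claims to belong to

# Constructed sample: a fake login page on a placeholder host.
SAMPLE_URL = "http://files.example/login.php"
SAMPLE_HTML = """
<input name="email"><input name="password" type="password">
<a href="http://files.example/login.php#">Install</a>
<a href="http://files.example/login.php#">Pricing</a>
<a href="#">Help Center</a>
<a href="http://drapbox.example/jobs">Jobs</a>
"""


class LinkCollector(HTMLParser):
    """Collect the href of every <a> tag that has one."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href is not None:
            self.hrefs.append(href)


def is_brand_host(host, brand=BRAND):
    """True only for the brand domain itself or a subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == brand or host.endswith("." + brand)


def triage(html, page_url):
    """Report the article's two clues: the page's domain and its dead links."""
    collector = LinkCollector()
    collector.feed(html)
    base = page_url.split("#")[0]
    # A link to "#" or to this page's own URL plus "#" goes nowhere.
    dead = [h for h in collector.hrefs if h in ("#", base + "#")]
    hosts = {urlsplit(h).hostname for h in collector.hrefs if h not in dead}
    return {
        "page_is_brand": is_brand_host(urlsplit(page_url).hostname),
        "dead_links": len(dead),
        "total_links": len(collector.hrefs),
        "off_brand_hosts": sorted(h for h in hosts if h and not is_brand_host(h)),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_HTML, SAMPLE_URL))
```

A page that claims to be Dropbox but reports `page_is_brand` as false, with most of its menu counted under `dead_links`, matches the pattern described here.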

If you did enter your details, there’s a good chance they would be stored somewhere, ready for use by someone who wasn’t quite nice and was looking for a way to steal your passwords.

You might think that a Dropbox password means nothing, but most people rely on the same passwords across several accounts, so if you end up inadvertently giving someone your password for Dropbox, an important cloud storage solution, it’s highly likely that you’re using that password for something else.

And that’s gold for scammers, because it leads to identity theft.

So with these clues in mind, you have an answer, and can email or call the friend who sent it to you to tell them that they’ve either had an email account broken into, or they have some nasty viral or malware load on the computer.

As always, the ways to stop this sort of thing from happening are numerous, but most of it comes from good education and knowing how to spot a fake — like we’ve shown here — as well as keeping up-to-date internet security software on your system.

And the person who sent it to us? We’re going to let them off by not mentioning them, but we have contacted them to tell them what’s wrong, which is what you should do if you ever get sent one, too.