In association with heise online

18 July 2012, 14:56

Spam attack on Dropbox users

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Dropbox logo Spammers are currently sending large volumes of spam to users of cloud storage service provider Dropbox. The H's associates at heise Security have so far received four different pieces of German-language spam at an email address used solely to register with Dropbox, and some of their readers have reported the same problem; similar reports can also be found on the Dropbox forums. In almost all cases, the spam is for suspicious-looking online casinos.

Much of the spam appears to have been sent to users with their own domains who created a custom email address such as dropbox@domain.tld to register for the Dropbox file-sharing service. This would suggest that the spammers may simply have been lucky. According to forum discussions, however, emails have also been received by people who have not used this easily guessable address format.

On the Dropbox forums, the company announced that it has asked its security team to investigate the incident, and has also called in outside experts. At present, it has found no evidence of unauthorised access to Dropbox accounts, but this could change as the investigation moves forward. The company has reassured users that a recent thirty minute web site outage had nothing to do with this incident.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit