The bad guys have come up with another way to trick you! Now, they’re using services like Dropbox, Google Drive, and other file hosting sites for their evil attacks. Cybercriminals are adding malicious files to these sites, then using the website's file sharing services to send you an invite to log in and open or click on the infected file. Unlike some phishing attempts, these invites look legitimate because they are. The invites actually come from the file sharing site and are identical to normal invites. So what can you look out for?
1. An email inviting you to open a shared file that you did not ask for.
2. Emails that require you to log in to a site to see something important. Do not log into websites by clicking on links in emails
Remember to never click on links in emails that you did not expect or did not ask for. If you need to log into a file sharing site like Dropbox, enter the address in your browser or use a bookmark that you’ve already set for yourself. Think before you click!
Stop, Look, and Think. Don't be fooled.
The KnowBe4 Security Team