Online storage service Dropbox is being used by scammers to lend an air of credibility to links containing malware and viruses.
According to anti-phishing site PhishMe, scam emails featuring Dropbox links are on the increase, with over 500,000 people already infected.
The style of email normally follows a similar pattern, with the subject matter focusing on financial concerns like tax returns or invoice payments.
The email then includes a link asking the user to download a file to claim back the money. The .zip file which hosts the malware is shared via Dropbox, which is convincing some users that the email is genuine.
This then downloads ransomware onto their computer called “CryptoWall,” which locks away important files until payment has been made to release them. Victims are then given a URL code which leads them to a CAPTCHA and bitcoin donation page.
If the ransom of $500 is not paid within a certain time limit, it doubles in value. Unfortunate users have lost thousands of files already to the virus, with one victim in Greece losing 32,000.It is also believed that the creators of CryptoWall have made an estimated $62,000 from the scam.
PhishMe added that it is often the personal nature of the locked files that leads people to stump up the cash.
“While the attackers are valuing your data at $500 or $1000, what is the true price of your pictures or documents? For an enterprise, what is the price of a network share of data, and what could be lost?”
The latest attack is a reminder that users have to remain vigilant at all times when online, even if it looks like an email is associated with a genuine company