There are reports of a recent spam campaign that tries to deceive Dropbox users in to resetting their passwords but instead leads to malware. Dropbox, which is a popular cloud storage service who sometimes do in fact reset users’ passwords when they haven’t been changed for a while. They DON’T send an advisory email though, instead at their website they require a password reset before linking a new computer, phone, tablet, or API app on their web site.

The spam has quite a convincing message along the lines of

Hello <user>
We have a warning in our system that you recently tried to login in to Dropbox with a password that you haven;t changed long time already. Your old password has expired and you’ll need to create a new one to log in.

Please visit the page to update your password

Clicking on the link takes the user to a suspicious looking page hosted in the .ru (Russian domain) that tries to pass itself off as a Microsoft site with several downloads for non Microsoft browsers. All very suspicious.

So if you had followed our tips on how to detect phishing emails you would have caught on to their ruse and saved yourself some grief.