Email Your Files to Dropbox. Next time you need to save a file to Dropbox—perhaps from your phone, or from a friend's computer where you're not logged into Dropbox—open your email app and send a new email to your Dropbox email address. Attach the file, and Zapier will save it to Dropbox for you automatically. No more worrying about email file size limits. You can use Dropbox Transfer to deliver final files (up to 250 GB) to your clients and collaborators—even if they don't have a Dropbox account. You can also set a password to control access, set expiration dates, receive download notifications, and see who’s viewed your file. Why Need to Transfer Files from Dropbox to Computer? Usually, you need to put your all kinds of files like work documents, family photos/pictures, favorite videos, etc. On cloud drives (Dropbox, Google Drive, OneDrive and so on) when you do not have enough local storage to save them.
It is a sad fact of life that as the sophistication of the technologies available to us grows, so does the ingenuity and determination of bad actors to exploit and victimize regular users. Once upon a time, the efforts of malicious actors were easily discernable for anyone with an iota of knowledge on the subject of cybersecurity, and their depredations could be staved off by just following one or two pieces of good advice. Unfortunately, that's no longer the case – hackers nowadays are in the habit of using both sophisticated tools and high quality, multi-layered social engineering tricks and misdirection to scam their victims. Case in point – the recent Dropbox “PO.PDF” phishing attacks.
With Transfer, you can send up to 100MB of files with a free Dropbox account, which could be handy if you need to email files that are larger than Gmail’s 25MB limit for attachments. Enter your new email address and current password. Click Update email. We’ll send a verification email to your new email address. Open the email, and click Verify your email. Dropbox Business admins: change a team member's email address. If you’re a Dropbox Business admin, you can change the email address on a team member’s Dropbox account.
This particular campaign hit the web recently, and was pretty convoluted, as far as spoofs go. An email hit inboxes, with its main hook and the element that was supposed to lend it an air of legitimacy being a Dropbox logo. It had the appearance of an official notification from the file-sharing platform, which informed the recipient that a file titled 'PO.PDF' was sent to them using Dropbox Transfer, and that this file will be accessible for just six days.
The email's goal is to trick users into clicking on the link to view a file, which would then lead them to a page hosted on the Dropbox domain. This page is very convincing, with high-quality branding elements and links to Dropbox support pages and everything.
Clicking on “Download” starts downloading a '.PDF' file that contains the Office 365 logo. A message that 'a document has been sent through OneDrive' appears, and in order to access it, the user should click the 'Access Document' button. This link then leads the user to a landing page hosted on Google Docs named 'OneDrive'. Here's where the actual phishing takes place, as users are asked to log in to OneDrive account and password to view the document.
Perceptive and knowledgeable internet users would have figured out that there is something wrong with this particular situation from the get-go. Firstly, this type of communication is highly atypical for Dropbox. Even in the event that the initial contact with the scam doesn't raise alarms, the fact that you have to jump through a bunch of hoops in order to access some file that the other party allegedly wants to send you should be a telltale sign that something's not right. Additionally, the fact that the file supposed to be shared via Dropbox, and in spite of this, you have to interact with two other platforms, like Office 365 and OneDrive, is a dead giveaway that something's wrong. Finally, the fact that you're asked to log in on an unverified landing page should be the last, glaring sign that you're being scammed.
In spite of the fact that all the signs are there and are clear for all to see, many users still fall for such obvious scams, and then end up paying dearly for that mistake. Here are some tips on what to do to avoid becoming the victim to a phishing scam:
How to Avoid Phishing Scams
- Always see if the sender's email address checks out. If someone claims to be contacting you from Dropbox Support, but if the email from which the message originates is clearly not dropbox support, the user is almost certainly the target of a phishing attempt.
- Note if the message starts with a generic greeting, or the user's email address or phone number is all wrong. No company ever starts their emails with 'Dear customer' – only fraudsters ever do that.
- Be wary if the message contains any suspicious links – or any links that are platforms that you don't recognize on sight. If the email contains overly long, obfuscated links, chances are that they are going to take the user to some sort of phishing landing page.
- Be extra careful of unsolicited messages, especially those that contain an attachment of any sort. Never input any personal information, or enable macros, on files downloaded from such messages.