Don't let them infect your devices

Identity theft protection – Dropbox users targeted by malware that steals financial information

Dropbox is an extremely popular online file sharing service with something like 175 million users. And it’s now being targeted by cyber criminals who are using well-known malware to try and steal financial details.   Dropbox users are receiving emails that say they need to reset their passwords. The email contains a message that says existing passwords are ‘dangerous.’  It contains a link that leads to a page saying the user’s browser is out of date and they need to update it. If anything is clicked in the page a Trojan file is unwittingly downloaded. It’s a fairly crude attempt to get somebody to download the Trojan. However, with 175 million users the crooks must be hoping to snare at least some people, which will most probably have their identity stolen and then sold on the Deep Web.

Online identity theft

A similar scam has been targeting Yahoo email users recently. It uses the same method, in that users receive an email saying this is their last opportunity to change their password. It then takes users through to an infected web page. The Trojan is a member of the Zeus malware family. Zeus and its variants have been around a relatively long time. It was first identified in 2007 and within two years became prolific. It is designed specifically to steal financial information. According to some information sources in 2010 the credit card details of 15 major US banks were compromised by Zeus.  In the same year the FBI said it had discovered a major cyber criminal gang who had used Zeus to steal about $70 million.

Identity theft protection

The fact that Dropbox is now being targeted by Zeus Trojans is a blow for the company.  Dropbox has many ‘enterprise’ and ‘SME’ users and there’s sure to be quite a few who strike it off their application lists to avoid their networks becoming infected. If you’re a Dropbox, or Yahoo email user, beware of these emails asking you to change your passwords. Ask yourself, ‘did you request a password change?’ If not, it’s probably a scam, an attempt to steal your identity and your financial data. If you’ve got BullGuard protection on your system, you’ve already got good identity theft protection in place and the threats will be flagged up, but please still be mindful.


Written by Steve Bell

Steve has a background in IT and business journalism and has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies producing content producing. He has a particular focus on IT security and has produced several magazines in this area.

More articles by Steve Bell

Leave a Reply




Please enter the code

Please enter the captcha code!

Security code

Ranked #1 by industry experts

BullGuard Internet Security Cup

Internet Security

Free download
We use cookies to ensure that we give you the best experience on our website. By continuing to browse, we are assuming that you have no objection in accepting cookies. You can change your cookie settings at any time.