Inside Dropbox and Microsoft Office phishing attacks | Salted Hash, Ep. SC03

Today on Salted Hash, we’re going to look at a phishing attack that targeted me directly. It’s got a few interesting elements, including a weak attempt to spoof an HTTPS connection, and a sort of hybrid lure, which starts as Dropbox but ends at Microsoft Office.

Top targets

Microsoft is a popular target with criminals, especially when it comes to phishing. If a criminal can compromise your Microsoft Office account, they have a good deal of leverage over your professional life, and it gets worse if your Microsoft Office password is used on other services (it happens, and criminals do check for this).

Email security vendor Vade Secure recently published a list of the top brands spoofed by phishing attacks, and Microsoft topped the list. This is notable because PayPal is usually in the top spot. According to Vade Secure’s list, Microsoft held the number one position by more than 40 percent. PayPal drops to second, followed by Facebook, Netflix, Wells Fargo, Bank of America, DocuSign, Dropbox, DHL, and Apple to round out the top ten.

Hybrid phishing

Back in May, my spam trap got an unusual email. It was addressed to me, and offered a Dropbox invite to an Excel file. However, because I read my email in plain text, the visual cues normally leveraged in these types of attacks were lost on me.