Be careful when opening shared document emails

Criminals are using legitimate services like Dropbox and OneDrive to trick users into revealing their account credentials. The scam generally works like this: a criminal shares a document with you from a compromised account, which generates a real email to you from Dropbox or OneDrive with a link to open the shared document. The shared document has realistic branding to make it appear to come from a company that you trust. This can be a company that you do business with or an internal department such as Human Resources.

The document will often have a link that directs you to a fake website disguised as a OneDrive page, which asks you to authenticate with your Microsoft credentials to view the shared document. When you enter your credentials, you’re actually giving them to the criminals, who can then use them to compromise your account, steal sensitive information or launch a ransomware attack.

You can help prevent attacks like this by taking the following steps:

  • Don’t open documents that you aren’t expecting. Before clicking on any outside links, confirm with the sender that it is legitimate.

  • Hover (don’t click!) over the link in an email. The real website that you are being directed to will appear. Make sure it is from the organization you’re expecting. For example, if you’re expecting to view a OneDrive document and the website is actually something like microsoft.googe.sites, don’t click!

  • See if the email includes your real name or other identification. Be wary of emails that are addressed generically, like “Dear User”.
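The hover check above can also be automated on a mail gateway or in a triage script. The following is an added example, not part of the original article: it extracts each link's real hostname from an HTML email body and compares it with an allowlist. The `EXPECTED_DOMAINS` set and the sample email are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allowlist for this example; adjust to the services you actually expect.
EXPECTED_DOMAINS = {"onedrive.live.com", "1drv.ms", "sharepoint.com", "dropbox.com"}

class LinkCollector(HTMLParser):
    """Collects (visible text, href) pairs for every <a> tag in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def is_expected_host(url, expected=EXPECTED_DOMAINS):
    """True only if the URL is https and its host is an expected domain or a subdomain of one."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    # Compare whole labels: a brand name appearing somewhere in the host proves nothing.
    return parts.scheme == "https" and any(host == d or host.endswith("." + d) for d in expected)

def review_links(html_body):
    """Return [(text, host, verdict)] per link: what hovering would reveal, plus a verdict."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    return [
        (text, urlsplit(href).hostname or "", "expected" if is_expected_host(href) else "suspicious")
        for text, href in collector.links
    ]

# Constructed sample email body (not from a real message).
SAMPLE = (
    '<p>HR shared a file with you.</p>'
    '<a href="https://microsoft.googe.sites/login">View on OneDrive</a> '
    '<a href="https://onedrive.live.com/view?id=123">Open</a> '
    '<a href="https://onedrive.live.com.example.net/view">https://onedrive.live.com/view</a>'
)
```

The third sample link shows why the visible text cannot be trusted: it displays a OneDrive address while the real host ends in a different domain.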

If your business doesn’t have a comprehensive plan in place to deal with these types of situations, contact us and we can put you in touch with one of our technology vendors to help protect your business.
