You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.

Forum Discussion

CNS_NJ's avatar
CNS_NJ
New member | Level 1
4 days ago

An employee's email was used to create a malicious Dropbox account

I'm hoping someone here will be able to provide further assistance on this issue.

One of our employee's mailboxes got compromised. While compromised, the bad actor setup a Dropbox account that is now sending out malicious emails.

The account is secured with MFA, which we do not control or have backup codes for. So, recovering via MFA is not an option.

We have attempted to contact Dropbox support but haven't been able to get anyone to assist with deleting the account. We have just been advised to login and delete ourselves, which is not an option.

If someone is able to assist on this, it would be greatly appreciated.

Thank you,
Nick

  • Jay's avatar
    Jay
    Icon for Dropbox Staff rankDropbox Staff

    Hi CNS_NJ, thanks for bringing this to our attention.

     

    Did they change the email address on the Dropbox account? 

     

    Is the email address part of a Dropbox team or is it a personal account? Do you have the ticket ID from when you contacted the support team?

     

    This will help me to assist further!

    • CNS_NJ's avatar
      CNS_NJ
      New member | Level 1

      It is a personal Dropbox account. I am not sure if they've changed the email address yet.

      I'm assuming it has not been changed, because we're getting emails forwarded from this employee's clients, and it is showing his company email address still.

      The sending email is no-reply@dropbox.com but the body of the email has employee's name/company email in it. Example of the email one of his client's received.

      Elements of the email have been obfuscated for the privacy of the end user/client. I am happy to provide more detailed information to the support team.

      The ticket number for this is #24476652. Please let me know if any further information is needed.

      Thank you,
      Nick

      • Mark's avatar
        Mark
        Icon for Super User II rankSuper User II

        If its using the employee email the quickest and easiest way to resolve this is to go to www.dropbox.com/forgot and request a reset of the password. Then log in and close/delete the account yourselves.