You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
Luispw
6 years agoExplorer | Level 3
BEWARE: Fake email from "no-reply@dropboxmail.com"
So I just received an email from no-reply@dropboxmail.com saying that someone had tried to log into my account from an "unrecognised location". I found it weird because I don't even use that email account with Dropbox, but the email address seems legit.
I'm attaching a screenshot of the email.
Anyway, there is a link "Click here to verify...". I didn't click, I copied the link instead, without visiting it. And here's what came up:
https://www (dot) dijitalkurumsal (dot) com/js/EMAILVARIFICATION.php?email= + my email address
So be careful, because I think "dijitalkurumsal" has nothing to do with Dropbox. :-/
The dropboxmail.com domain name is actually a legitimate domain used to send official email from Dropbox, but that doesn't mean that someone can't spoof the address and send fake emails that appear to come from it, such as in the phishing attempt that you received.
You can find a list of the official domains used by Dropbox in the following help article:
[Mod edit 2023, edited Help Center link]
- WalterDropbox Staff
Hey there Luispw - welcome to our Community and thanks for flagging this with us!
At first, note that legitimate emails from us would come from no-reply@dropbox.com and not no-reply@dropboxmail.com.
That being said, I'm glad to hear you didn't click on any link within that email as it appears that this message was impersonating Dropbox’s services in an attempt to maliciously impact your machine.
Moreover, I wanted you to know that your diligence is what's helping us keep all of our users safe. We appreciate you reporting fake Dropbox URLs or attempts to compromise user’s credentials.
If it's not to much to ask, I'd also suggest forwarding your report directly to abuse@dropbox.com.
I hope this helps at some extent and -once again- thanks for bringing this to our attention.
If there's anything else you'd like to add or ask, please feel free to get back to me; I'll be more than happy to follow up.
- LuispwExplorer | Level 3
Hi Walter!
Thanks for your prompt response. Sorry for thinking that email address was legitimate. I thought so because I'd seen another thread mentioning it was. Maybe I misread that.
I will forward my original message to abuse@dropbox.com.
Thanks again.
Take care.
- RichSuper User II
The dropboxmail.com domain name is actually a legitimate domain used to send official email from Dropbox, but that doesn't mean that someone can't spoof the address and send fake emails that appear to come from it, such as in the phishing attempt that you received.
You can find a list of the official domains used by Dropbox in the following help article:
[Mod edit 2023, edited Help Center link]
About Security and Permissions
Start a discussion in the Dropbox Community forum to get help with your account security and permissions. Find support from Community members.
Need more support
If you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!