Discussion:
Should i open this? (Probably not . . . )
(too old to reply)
Mike Ruddock
2018-05-09 08:14:37 UTC
Permalink
Raw Message
I have just received an email signed by one Robert Scott (but probably
not Robert Falcon Scott) which says :

"Shared document with you using Dropbox App. Please refer to file."

Beneath that is a message in blue which says "Click here to view the
shared document."

I can't recall what I may have put into Dropbox (and I haven't used it
for some years.)

Robert Scott's email claims to come from the address:

Robert Scott <***@aol.com>

Should I file this in Recycle Bin?

Mike Ruddock
Nick Leverton
2018-05-09 08:27:52 UTC
Permalink
Raw Message
In article <***@mid.individual.net>,
Mike Ruddock <***@btinternet.com> wrote:
>I have just received an email signed by one Robert Scott (but probably
>not Robert Falcon Scott) which says :
>
>"Shared document with you using Dropbox App. Please refer to file."
>
>Beneath that is a message in blue which says "Click here to view the
>shared document."
>
>I can't recall what I may have put into Dropbox (and I haven't used it
>for some years.)
>
>Robert Scott's email claims to come from the address:
>
>Robert Scott <***@aol.com>
>
>Should I file this in Recycle Bin?

If you don't know the sender, then definitely. Every way of sending
files for download (shared cloud accounts, hacked webservers, etc)
can be and is being be misused to send malware. It helps the spam to
bypass filters by not including it in the actual mail.

If you do know them but aren't expecting this, then ask before
downloading, on a similar basis that their own account may have been
compromised.

Nick
--
"The Internet, a sort of ersatz counterfeit of real life"
-- Janet Street-Porter, BBC2, 19th March 1996
Penny
2018-05-09 18:22:49 UTC
Permalink
Raw Message
On Wed, 9 May 2018 08:27:52 +0000 (UTC), Nick Leverton <***@leverton.org>
scrawled in the dust...

>In article <***@mid.individual.net>,
>Mike Ruddock <***@btinternet.com> wrote:
>>I have just received an email signed by one Robert Scott (but probably
>>not Robert Falcon Scott) which says :
>>
>>"Shared document with you using Dropbox App. Please refer to file."
>>
>>Beneath that is a message in blue which says "Click here to view the
>>shared document."
>>
>>I can't recall what I may have put into Dropbox (and I haven't used it
>>for some years.)
>>
>>Robert Scott's email claims to come from the address:
>>
>>Robert Scott <***@aol.com>
>>
>>Should I file this in Recycle Bin?
>
>If you don't know the sender, then definitely. Every way of sending
>files for download (shared cloud accounts, hacked webservers, etc)
>can be and is being be misused to send malware. It helps the spam to
>bypass filters by not including it in the actual mail.

Indeed, we had one to the support email address I monitor the other day,
supposedly from a bank I'd never heard of (so obviously spam or scam). It
contained no link (but the security on the message system may have removed
it) and ended with the line:
this message was auto-generated by One Drive Dropbox security system

which sounded odd to me - aren't OneDrive and Dropbox different things?
--
Penny
Annoyed by The Archers since 1959
Nick Leverton
2018-05-10 05:59:02 UTC
Permalink
Raw Message
In article <***@4ax.com>,
Penny <2pence+***@gmail.com> wrote:
>On Wed, 9 May 2018 08:27:52 +0000 (UTC), Nick Leverton <***@leverton.org>
>scrawled in the dust...
>>In article <***@mid.individual.net>,
>>Mike Ruddock <***@btinternet.com> wrote:
>>>
>>>Should I file this in Recycle Bin?
>>
>>If you don't know the sender, then definitely. Every way of sending
>>files for download (shared cloud accounts, hacked webservers, etc)
>>can be and is being be misused to send malware. It helps the spam to
>>bypass filters by not including it in the actual mail.
>
>Indeed, we had one to the support email address I monitor the other day,
>supposedly from a bank I'd never heard of (so obviously spam or scam). It
>contained no link (but the security on the message system may have removed
>it) and ended with the line:
>this message was auto-generated by One Drive Dropbox security system
>
>which sounded odd to me - aren't OneDrive and Dropbox different things?

As far as I know, yes. And I can't find any reference to a One Drive at
all on a quick search. Looks like another attempt to make a fraud look
more official. I suspect larding on the security references is probably
for human eyes rather than automated ones, as probability based filters
wouldn't have come across that phrase before either.

Nick
--
"The Internet, a sort of ersatz counterfeit of real life"
-- Janet Street-Porter, BBC2, 19th March 1996
Flop
2018-05-09 08:33:38 UTC
Permalink
Raw Message
On 09/05/2018 09:14, Mike Ruddock wrote:
> I have just received an email signed by one Robert Scott (but probably
> not Robert Falcon Scott) which says :
>
> "Shared document with you using Dropbox App. Please refer to file."
>
> Beneath that is a message in blue which says "Click here to view the
> shared document."
>
> I can't recall what I may have put into Dropbox (and I haven't used it
> for some years.)
>
> Robert Scott's email claims to come from the address:
>
> Robert Scott <***@aol.com>
>
> Should I file this in Recycle Bin?
>
> Mike Ruddock
>

In most mail programs you can determine where the email originates.

And the *real* address of any links or attachments.

You use Thunderbird. And post via Giganews [which doesn't help finding
the source of the email.

But if you put your mouse over a link, it should show the actual address.

Use Whois:

https://whois.icann.org/en

to search for the details of the sender.

Additional information can be found by clicking the '+' icon in the top
left hand corner of the email header.


--

Flop

“I needed a password eight characters long so I picked Snow White and
the Seven Dwarves.”
the Omrud
2018-05-09 11:20:57 UTC
Permalink
Raw Message
On 09/05/2018 09:33, Flop wrote:

> Use Whois:
>
> https://whois.icann.org/en
>
> to search for the details of the sender.

Sadly, Whois is under some threat because of GDPR.

--
David
Sid Nuncius
2018-05-09 08:55:59 UTC
Permalink
Raw Message
On 09/05/2018 09:14, Mike Ruddock wrote:
> I have just received an email signed by one Robert Scott (but probably
> not Robert Falcon Scott) which says :
>
> "Shared document with you using Dropbox App. Please refer to file."
>
> Beneath that is a message in blue which says "Click here to view the
> shared document."
>
> I can't recall what I may have put into Dropbox (and I haven't used it
> for some years.)
>
> Robert Scott's email claims to come from the address:
>
> Robert Scott <***@aol.com>
>
> Should I file this in Recycle Bin?

Personally, I wouldn't touch it with an e-bargepole and I'd delete the
email.

Er...that's it. I don't have any actual expertise or insight to offer. :o)


--
Sid (Make sure Matron is away when you reply)
Clive Arthur
2018-05-09 10:08:40 UTC
Permalink
Raw Message
On 09/05/2018 09:14, Mike Ruddock wrote:
> I have just received an email signed by one Robert Scott (but probably
> not Robert Falcon Scott) which says :
>
> "Shared document with you using Dropbox App. Please refer to file."
>
> Beneath that is a message in blue which says "Click here to view the
> shared document."
>
> I can't recall what I may have put into Dropbox (and I haven't used it
> for some years.)
>
> Robert Scott's email claims to come from the address:
>
> Robert Scott <***@aol.com>
>
> Should I file this in Recycle Bin?
>
> Mike Ruddock
>

Click on it and see what happens, then report back when you have your
new computer up and running.

Cheers
--
Clive
steveski
2018-05-09 12:55:10 UTC
Permalink
Raw Message
On Wed, 09 May 2018 11:08:40 +0100, Clive Arthur wrote:

> On 09/05/2018 09:14, Mike Ruddock wrote:

[]

>> Should I file this in Recycle Bin?

> Click on it and see what happens, then report back when you have your
> new computer up and running.

Many laughs. Many, many laughs.

--
Steveski
J. P. Gilliver (John)
2018-05-09 12:21:20 UTC
Permalink
Raw Message
In message <***@mid.individual.net>, Mike Ruddock
<***@btinternet.com> writes:
>I have just received an email signed by one Robert Scott (but probably
>not Robert Falcon Scott) which says :
>
>"Shared document with you using Dropbox App. Please refer to file."
>
>Beneath that is a message in blue which says "Click here to view the
>shared document."
>
>I can't recall what I may have put into Dropbox (and I haven't used it
>for some years.)
>
>Robert Scott's email claims to come from the address:
>
>Robert Scott <***@aol.com>
>
>Should I file this in Recycle Bin?
>
>Mike Ruddock
>
I share the apprehension of others (I like the concept of the
e-bargepole with which not to touch it!). The wording of the email, not
saying what it's about, also sounds dodgy.

Personally, I'd be tempted to fetch the file, and scan it with some
up-to-date malware detector (maybe doing so a few days after it was
sent, to give the malware folk time to catch up - assuming getting a
file from DropBox doesn't force you to execute it. (Not being a regular
user, I don't know.)

Can you tell what sort of file it is (looking out for hidden/duplicate
extensions; I presume you have "hide extensions of known filetypes" or
whatever it is called, turned OFF, so you see ALL extensions). A .txt or
.bmp are likely to be safe; most Office formats (.doc[x], .xls[x]) have
the potential to contain dodgy macros. I _think_ .pdfs can contain code,
as can .jp[e]g images if viewed with a viewer that uses Microsoft
libraries before a certain date (it's a buffer overflow error that, I
think, IrfanView for example doesn't run). If it's a .bat, .com, or .exe
file, it's VERY likely to be dodgy (though if .bat, you can open it in
NotePad or similar to see what it contains).
--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)***@T+H+Sh0!:`)DNAf

Speed has never killed anyone. Suddenly becoming stationary, that's what gets
you. - Jeremy Clarkson, Top Gear
Robin Stevens
2018-05-09 20:05:19 UTC
Permalink
Raw Message
"J. P. Gilliver (John)" <G6JPG-***@255soft.uk> wrote in uk.media.radio.archers:

> I share the apprehension of others (I like the concept of the
> e-bargepole with which not to touch it!). The wording of the email, not
> saying what it's about, also sounds dodgy.

I agree, everything about it screams out not to touch it. In my
experience, the answer to "is this email dodgy?" is almost invariably
"yes". The likely outcome of opening something you shouldn't are almost
always worse than those of not opening something you should.

> Personally, I'd be tempted to fetch the file, and scan it with some
> up-to-date malware detector (maybe doing so a few days after it was
> sent, to give the malware folk time to catch up - assuming getting a
> file from DropBox doesn't force you to execute it. (Not being a regular
> user, I don't know.)

One option for the curious and tech-savvy is to send it to
https://www.virustotal.com/ who will run it past a whole bunch of antivirus
tools and tell you which ones think it's nasty.

But you still have to be careful that you don't accidentally double-click
it, or even cause some kind of "preview" function to open the file on your
system. I've known experienced IT staff screw up and accidentally infect
their own machines when handling dangerous attachments, so the message for
the "average" user is simply to delete if in any doubt.
Loading...