Dropbox is a popular service that enables you to store photos, documents and other information in the cloud.  In a phishing scam similar to what I wrote about recently, many people are receiving an email purporting to be from Dropbox telling them that Dropbox is doing an update in order to make their service more secure from hacking and that the user needs to click on a link in order to update his or her account.  Of course, this is just a phishing scam intended to lure the victim into clicking on the link in which event the victim will either be told to provide personal information including passwords that will be used by the scammer to make the person a victim of identity theft or merely by clicking on the link, the victim will unwittingly download keystroke logging malware that will enable the identity thief to steal all of the personal information on the victim’s computer or smartphone and use it to make the person a victim of identity theft.


The particular phishing email presently being circulated appears to be legitimate, however, it is not sent by a email address used by Dropbox.  If the email does not appear to originate with dropbox.com, dropboxmail.com or other legitimate Dropbox email addresses, which you can find  by going to this link https://www.dropbox.com/help/217#email you can immediately dismiss the email as a phishing scam.  However, even if the email address appears legitimate you should still be skeptical and contact the company at a phone number or email address that you know is legitimate to find out if the email is legitimate.  Here is a link you can use to contact Dropbox about issues with your account.  https://www.dropbox.com/supportChances are with this type of email, it is a scam.  Dropbox is also a company that allows you to use dual factor identification, which dramatically increases your personal safety because even if someone gets your password, they cannot access your account.  If you use Dropbox, I heartily advise you to protect your account by using dual factor authentication.  Here is a link from Dropbox to help set up dual factor authentication. https://www.dropbox.com/help/363

This is another example of why it is a good practice to have separate distinct passwords and usernames for all of your accounts so that if one company where you have your information is hacked, your other accounts are not endangered.  In addition, as always, if the company with which you are dealing provides for dual factor identification, you should take advantage of this to provide added security so that you would not be in danger of having your account taken over even if someone managed to get your username and password.  Dropbox provides for dual factor identification.  If you use Dropbox and haven’t yet added dual factor identification, here is a link to enable you to set it up for your account. https://blog.dropbox.com/2014/10/have-you-enabled-two-step-verification/