The warning comes from Jonathan French, a security analyst with AppRiver, the cloud-based email and Web security specialist, and says that the emails seek to extract sufficient data to access the user’s DropBox account.
The emails, he says, come in with a sad computer face claiming the recipient has requested a password reset and their old password is now dangerous.
The email itself, he adds, contains a link that when clicked, leads the user to a page saying their browser is out of date and they need to update it.
The links in the email messages, he claims, came from 54 unique domains but the entire download links in the browser-out-of-date pages to actually download the malware were hosted at dynamooblog.ru – which was registered over the weekend.
“As always, take extreme caution when you get any password or banking emails out of the blue,” he says in his latest security posting, adding that netizens should always check where they may lead and what information they may be asking.