Phishing campaign via Dropbox with mysterious file. The bait is two documents in storage. The attachment is recognized as clean by sandboxes, but it disables the Windows firewall

Dropbox is still the bait for a new phishing campaign aimed at stealing credentials. The theme is that of two documents in storage, sent through the service.

The link in the email points to a landing page that simulates that of Dropbox where the username is already pre-set. The victim only needs to type the password, but any alphanumeric code entered will be incorrect and after three attempts, they will be redirected to their real homepage. Attached to the text there is also a mysterious file, which the sandboxes do not detect as malicious, but it seems it disables the Windows firewall.