Customers Report Increasing Fake File Notifications

Recent reports from multiple sources prompted us to issue this alert notifying our customers and colleagues of an increase in fake file sharing notification emails.

• The notifications (pictured below) appear to come from a third-party file sharing service on behalf of a known contact.
• Target recipients are instructed to click a button or link to download a file.
• Clicking the button or link downloads a file to the target computer, and any attempts to open the file result in the installation of malware on the target machine.
• Files received this way that will not open or cause errors when attempting to open often indicate the presence of malware.

So far, malware being installed through these attacks has not resulted in encryption/file-ransom techniques, but that is always a possibility in future variants.

Recommended Actions

NetTech urges all users to verify the source of files and attachments prior to downloading and/or attempting to open them. Even emails that appear to be from legitimate senders can turn out to be spoofs intended to deliver malware or viruses to victims’ computers.

All notifications of shared files or instructions to download attachments should be confirmed with the sender.

A quick email to find out if someone actually shared a file or sent a secure attachment could save hours of downtime and prevent costly data loss.

Keep your data safe by confirming the validity of such notifications prior to clicking links or buttons, regardless of how authentic the message appears to be.

And of course, contact NetTech immediately at support@nettech.net or by calling (866) 668-0001 if you suspect you have been the victim of a fake file sharing notification attack.