shipping details , and a fake invoice . But the file was actually a .zip archive that contained a JavaScript file which contained a Trojan dropper . The attackers continued to send outAttack.Phishingthe emails for about 12 hours . However , Gill gave Dropbox credit for responding quickly . `` I would say that after about an hour , we saw a lot of the links disabled , '' he said . `` After two hours , I was hard press to find a link that was n't disabled . '' Altogether , Gill estimated that the attackers had sent outAttack.Phishinghundreds of thousands , and possibly millions of messages . And since the messages arrivedAttack.Phishingright at the start of the workday in Europe , it would n't have taken long for potential victims to open the emails and click on the links . The attackers just need a small window of opportunity , he said . In addition to using spam filters , anti-virus , and training employees to identify malicious emails , there are other things enterprises can do to protect against this particular threat vector . For example , Gill said , companies could decide not to allow Dropbox in their environment . `` If you wanted to be aggressive , you could ban inbound Dropbox content links , '' he said . `` And if you decided that your organization was n't going to use it , you could easily make a change to your spam filter or your web filter to block access to Dropbox entirely . '' Dropbox does pose other potential security risks for enterprises as well , he added . `` Giving your employees freedom to use it is a risky thing , '' he said . `` Who knows what they 'll put in it , either on purpose or by accident .
Noticed more emails and texts lately claiming to beAttack.Phishingfrom your bank – and not just yours ? You ’ re not the only one . Action Fraud , the UK police ’ s dedicated fraud tracking team , has revealed a significant increase in reports about phishing attacksAttack.Phishingconnected to TSB ’ s massive IT outage have been reported . A total of 176 complaints have been received , or around ten a day since April 30 . “ There has been an uptick in phishing attemptsAttack.Phishingacross the piece , ” says an Action Fraud spokesperson . TSB ’ s banking meltdown , caused by a botched IT upgrade , still has not been remedied – nearly four weeks on . And the crisis has become paydirt for scammers and hackers , who have waded into a confusing , chaotic situation and are making out with thousands of pounds worth of savings from people ’ s accounts . And it ’ s not just TSB - the number of phishing texts claiming to beAttack.Phishingfrom other banks such as Barclays and NatWest also seems to be on the rise . “ When a ‘ change ’ goes wrong and so publicly like TSB ’ s , it ’ s like cyber blood in the water , ” explains Ian Thornton-Trump , chief technical officer of Octopi Managed Services , an IT company . “ Cyber criminals pay attention to companies rocked by internal scandals or public ‘ ball drops ’ and react accordingly. ” With the bank ’ s staff overloaded trying to fix the problems that caused the outage in the first place , fraudulent transactions aren ’ t being tracked or checked as quickly as they should be . “ It is a sad fact that fraudsters might try to take advantage of situations like these , ” says a TSB spokesperson . The scammers are using one of the most common tools in their arsenal : phishing attacksAttack.Phishing. They send outAttack.Phishingmass texts and emails to customers – many of whom identify themselves as TSB ’ s customers in increasingly irate social media posts – with links to legitimate-sounding but fraudulent websites . Customers are encouraged to click a link and input their username and password to process their complaints against the company – and lose control of their bank account . Lucy Evans , 23 , is one customer who has had her cash stolen . Her TSB current account was looted , and she ’ s receivedAttack.Phishinga number of texts purporting to beAttack.Phishingfrom TSB . She was defraudedAttack.Phishingby a combination of phone calls and texts . “ I think I was targeted whilst we couldn ’ t actually view our money , ” says Evans . “ Criminals are happy to exploit people ’ s misery , whatever form that might take , ” says professor Alan Woodward , a cybersecurity specialist from the University of Surrey . “ Criminals can pretend to beAttack.Phishingthe bank and ask customers to undertake strange actions that under normal operations would seem suspicious . Customers might be so delighted to actually be able to access their web banking that they might just let their guard down that little bit more than usual. ” TSB has to act more proactively to shut down fraudulent domains and to make the public more aware of the scams circulating , Woodward argues . “ TSB need to up their game in responding to customers – as that very lack of response can be used to lure customers in. ” For those who have fallen victim , the loss of money is adding insult to injury . “ I ’ m certain I ’ ll move banks , ” says Evans , who lost the contents of her current account . “ Most of the staff have been helpful and apologetic , but this should have been resolved by now . It seems they are not fit for purpose . ”