Email from WeTransfer May Contain Phishing Scams

Author

Reads 876

A man participates in an online video conference call from home using his laptop, fostering remote communication.
Credit: pexels.com, A man participates in an online video conference call from home using his laptop, fostering remote communication.

WeTransfer is a popular platform for sending large files, but be cautious of emails claiming to be from WeTransfer. These emails may contain phishing scams that try to trick you into revealing sensitive information.

Some WeTransfer emails may appear legitimate, but they can be used to steal your login credentials. This is because scammers often use fake email addresses or URLs that mimic WeTransfer's domain.

WeTransfer emails can also contain malicious links or attachments that can harm your device. It's essential to verify the sender's email address and check the URL before clicking on any links.

If you're unsure about the authenticity of a WeTransfer email, it's best to delete it or contact WeTransfer's support team directly.

Phishing Scams via Email

Phishing scams via email are a serious threat, and one of the most convincing types is the "WeTransfer - You Have Received Files" email scam. This scam notifies you that someone has sent you a file via WeTransfer, but it's actually a phishing email designed to steal your login credentials.

Credit: youtube.com, I Just Got a WILD Scam Email - Many People Will Fall For This

The email may include a message from the supposed sender, making it look like a legitimate email from a trusted source. However, all the information in the email is false, and clicking on the "Get your files" button will redirect you to a phishing website that records your login credentials.

The attackers may also use custom notes to camouflage the email as an invoice ready to be reviewed, making it look even more convincing. Once you click on the "Get your files" button, you'll be redirected to a WeTransfer download page where a malicious HTML file is hosted, which will be downloaded by the unsuspecting victim.

The phishing landing page will then be opened in your default web browser, tricking you into giving away your credentials for Office 365 and other online services. This is a very popular phishing tactic designed to lower your guard and take advantage of your trust in WeTransfer, a well-known and trusted file hosting system.

As a result, you may experience severe privacy issues, financial losses, and even identity theft. If you've already typed your login credentials into a phishing webpage, change the passwords of all possibly exposed accounts and inform their official support without delay.

Phishing Campaigns and Gateways

Credit: youtube.com, Checking Email For We Transfer File

Phishing campaigns are getting sneakier, and one way they're doing it is by using legitimate services like WeTransfer to evade email gateways.

WeTransfer is a well-known and trusted file hosting system, used to share files too large to attach to an email.

These links will typically bypass gateways as benign emails, unless settings are modified to restrict access to such file sharing sites.

The attackers send real WeTransfer notifications via email, which inform recipients that someone has shared a file with them.

They're using the comment feature in WeTransfer notifications to tell the victim that the file is important.

The entire delivery method is legitimate, so most email filters aren't watching out for this behavior.

As security technologies adapt to known vectors of attack, threat actors are increasingly taking advantage of legitimate services to carry out phishing attacks.

This attack method has been observed to bypass multiple gateways, making it a concerning trend in phishing campaigns.

Think Before You Click: Phishing Alert

Credit: youtube.com, What Happens If You Click On Links In Phishing Emails?

Be cautious with links from unfamiliar senders, especially those claiming to be from reputable companies like WeTransfer.

WeTransfer emails often contain links to share files, but these links can be malicious, as seen in the case of the suspicious email that prompted a password reset.

Hover over links before clicking to check the URL and ensure it's legitimate.

WeTransfer's official links typically start with "wetransfer.com" or "we.tl" but scammers may use similar-looking URLs to deceive users.

Verify the sender's email address to ensure it's from a legitimate WeTransfer account.

A common phishing tactic is to use a fake email address that closely resembles the real one, making it difficult to spot the difference.

Readers also liked: Remitly Email Address

WeTransfer Incident

WeTransfer, a popular file transfer service, had a security incident where file transfer emails were sent to unintended email addresses on June 16 and 17.

Users were logged out of their accounts and forced to reset their password as a precautionary measure to protect their accounts.

The company blocked the unintentional transfer links to prevent further downloads.

WeTransfer urged affected individuals to monitor their account for any "suspicious or unusual emails."

Intriguing read: Email Money Transfer

WeTransfer Hosted Phishing Redirectors

An African American woman with curly hair works attentively on a laptop in a modern office setting.
Credit: pexels.com, An African American woman with curly hair works attentively on a laptop in a modern office setting.

WeTransfer was used to host phishing redirectors, a tactic designed to lower targets' guard and trick them into clicking on malicious links.

Threat actors added custom notes to the phishing emails, often camouflaging them as invoices ready to be reviewed, to make the WeTransfer notification look more convincing.

The victims were redirected to the WeTransfer download page where a HTM or HTML file was hosted and downloaded by the unsuspecting victim.

This file, when opened, would open the phishing landing page in the victims' default web browser, tricking them into giving away their credentials for Office 365 and various other online services.

The links would typically bypass gateways as benign emails, unless settings were modified to restrict access to such file sharing sites.

WeTransfer notifications were being used to inform recipients that someone had shared a file with them, making the link seem legitimate and increasing the chances of the victim clicking on it.

Two business professionals working on digital devices inside a private jet.
Credit: pexels.com, Two business professionals working on digital devices inside a private jet.

The attackers were using the feature to include a comment in the email, telling the victim that the file was important, to make the link seem more trustworthy.

The entire delivery method was legitimate, so most email filters weren't watching out for this behavior, making it a successful phishing tactic.

WeTransfer Incident: Unintended Email Recipients

WeTransfer issued a security notice to inform users that file transfer emails were sent to unintended email addresses on June 16 and 17.

The company logged out of some users from their account and forced them to reset their password in response to the incident.

Users who were impacted by the incident were sent an email stating that a transfer they sent or received was also delivered to some people it was not meant to go to.

The email also stated that the company had blocked the link to prevent further downloads, as a precaution.

WeTransfer urges affected individuals to monitor their account for any suspicious or unusual emails.

The company did not disclose technical details about the problem at the time of the incident.

If this caught your attention, see: Hotmail Email Account

Frequently Asked Questions

Does WeTransfer send an email?

Yes, WeTransfer sends two email notifications: an upload confirmation and a download confirmation. These emails keep you informed about the transfer's status.

Abraham Lebsack

Lead Writer

Abraham Lebsack is a seasoned writer with a keen interest in finance and insurance. With a focus on educating readers, he has crafted informative articles on critical illness insurance, providing valuable insights and guidance for those navigating complex financial decisions. Abraham's expertise in the field of critical illness insurance has allowed him to develop comprehensive guides, breaking down intricate topics into accessible and actionable advice.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.