updated 7/18/2012 6:19:50 PM ET 2012-07-18T22:19:50

The cloud-based file-sharing service Dropbox has brought in external security analysts after a spate of spam emails hitting its European clients — but it insists yesterday's service outage was unrelated.

"We wanted to update everyone about spam being sent to email addresses associated with some Dropbox accounts," Dropbox employee Joe G. posted to a Dropbox support forum early this morning (July 18). "We continue to investigate and our security team is working hard on this. We’ve also brought in a team of outside experts to make sure we leave no stone unturned."

Two days ago, Dropbox users in Britain, Germany and the Netherlands began posting complaints to the service's support forums, saying that spam promoting online casinos was flooding their inboxes.

Spam isn't unusual, and the recent spate of data breaches gives spammers plenty of new addresses to work with.  But some Dropbox users said the spam was being received on email addresses they'd created solely to service their Dropbox accounts.

"Several e-mail addresses that I have only used for Dropbox purposes have been sent spam today," wrote user D.B.

Another user posted a German-language email that promoted an "EU Dice Club."

"Same content here," answered user David Psiuk, who'd earlier started the thread. "Seems like Dropbox Germany got some issues."

A Dropbox employee replied that that didn't make sense.

"We don't host any servers outside the US," wrote Michael N., "so having all the people spammed be from one country would be very odd indeed."

Other users reported getting similar email spam in English sent to British addresses, and in Dutch to Dutch addresses.

"I'm getting spam on a address (which is specific to the one I used to sign up to Dropbox and not obvious to guess)," wrote Adam K. "I don't use Dropbox often and have never shared a folder or sent an invite."

Yesterday afternoon (July 17), the entire Dropbox service went offline, but the company said that had nothing to do with the spam.

"We also want to let you know that the site outage this afternoon (from 12:35 to 12:55 PDT) was incidental and not caused by any external factor or third party," wrote Joe G.

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments