
WeTransfer, a popular file-sharing service, has become a new phishing threat in disguise.
Phishing attacks are on the rise, and WeTransfer emails are being used to trick users into revealing sensitive information.
WeTransfer emails often contain links to verify your account, but be cautious, as these links can lead to malicious websites.
These malicious websites can steal your login credentials, making you vulnerable to identity theft.
WeTransfer emails may also contain requests to update your account information, but you should never click on links or provide sensitive information through unsolicited emails.
It's always best to log in to your WeTransfer account directly to verify any information.
What is the Attack?
The attack in question is a phishing scam that uses WeTransfer as a front to deceive unsuspecting users.
The attackers send an email that appears to be from WeTransfer, with a sender name and title that closely resembles a genuine WeTransfer email.
The email body claims that WeTransfer has shared two files with the victim, complete with a link to view them.
The link leads to a phishing page supposedly of Microsoft Excel, featuring a blurred-out spreadsheet as the background and a form to enter login credentials.
The email already contains the victim's email address to create a sense of legitimacy.
The email sender domain is a web hosting services provider called 'valueserverjp,' based in Japan.
This domain was previously reported to be used in phishing attacks last year by Infosec analyst Laur Telliskivi.
Another variation of the attack uses real WeTransfer notifications to inform recipients that someone has shared a file with them.
The attackers use WeTransfer's feature to include a comment in the email, telling the victim that the file is important.
This legitimate delivery method often bypasses email filters, as most filters are not watching out for this behavior.
Email Scam Details
Wetransfer emails often contain suspicious links that can lead to phishing sites.
These links are designed to trick users into revealing sensitive information, such as login credentials or financial details.
Recommended read: Are Google Drive Links Safe
Be cautious of emails claiming to be from Wetransfer, but contain generic greetings and lack personalization.
Wetransfer emails typically address users by their actual names, not generic terms like "Dear user".
Beware of emails asking you to click on a link to verify your account or update your information.
Wetransfer emails usually contain a specific link that matches the content of the email, not a generic link.
Phishing emails may ask you to download an attachment, which can be a malicious file.
Wetransfer emails usually don't contain attachments, and if they do, it's to share a file, not to trick you into downloading something malicious.
A unique perspective: Hostinger Emails
Frequently Asked Questions
Does WeTransfer send an email?
Yes, WeTransfer sends two email notifications: an upload confirmation and a download confirmation. These emails keep you informed about the transfer status.
What email address does WeTransfer use?
WeTransfer sends service-related emails from "@wetransfer.com", but may use "@wetransfer.zendesk.com" for support emails. Verify the sender's email address to ensure it's legitimate.
Featured Images: pexels.com


