Information technology essay

free essayDropbox users may have been victims of phishing through the compromised WordPress website. The security incident happened on August, 2015.The victims of the phishing attempt may have inadvertently revealed their Dropbox passwords to hackers, thinking that they were logging into their Dropbox account to enhance the security of the accounts. The phishing incident led to a massive data leakage of Dropbox. Phishers stole login credentials from a significant number of victims. Other internet users reported successful logging to the drop box accounts using the login credentials released after the phishing incident. Phishing files stored in Dropbox accounts hosted the scam. It functions primarily by replicating the Dropbox login page to such an extent that ordinary users may not realize that the website they are redirected to is a fake Dropbox login page.  The scam did not seek to phish passwords and usernames from Dropbox only; the fake login page also provided options for logging into other web-based email services such as Gmail and Yahoo mail.

Get a price quote

Victims were reported to receive an email that purported to be sent by Dropbox. The email received mimicked the appearance and general functionality of emails sent by Dropbox. The “from” address also bore the ‘Dropbox’ name in order to convince the users further: The email informs the receiver that their Dropbox account requires a compulsory password update to reduce the account’s hacking risk. The email includes the word important as part of the email subject so as to enhance the emails sense of urgency and trick the victims. The email also informs the user that they can view a document containing credentials of previous victims by clicking on the link and logging into their Dropbox account.  The scammers prey on the victim’s heightened anxiety and curiosity to nudge them into clicking on the link.
Save 25% on your ORDER Save 25% on your ORDER

Exclusive savings! Save 25% on your ORDER

Get 15% OFF your FIRST ORDER + 10% OFF every order by receiving 300 words/page instead of 275 words/page

The user’s choice to click on the link redirects them to a login page that looks exactly like the one used by Dropbox. The resemblance of the bogus login page and the original Dropbox login page is made possible by the fact that the Dropbox page is served over SSL, a weakness that the attackers exploited. Once the victim is on the fake login page, they are asked for their Dropbox login credentials. The attacker then records the passwords and usernames of the victims and sends the credentials to the command and control node. The phisher sends a ‘not-available’ response to the browser making the victim assume that there has been a timeout on the web page. Once the victim has entered his credentials, there is no corrective action they can take. The attacker can then store the password and username combination to attack later or sell them to another party. A potential victim could, however, avoid the scam by checking the address of the link which is bound to be substantially different from that used by Dropbox. However, few users are likely to check this before inputting their login credentials.

Our Benefits

  • English Speaking Writers
  • Plagiarism Free Papers
  • Confidentiality Guaranteed
  • VIP Services
  • 300 Words/Page
  • Affordable Prices

It is possible for phishing to occur through compromised WordPress websites without the owner of the site ever being aware. This particular scam utilizes WordPress sites to serve phishing pages to victims using secure security channels. By using channels that have SSL, the possibility that the browser will give security warnings to the potential victim visiting the phishing page are minimized. Despite the page being over SSL some of the content is not served over the secure SSL protocol. Some browsers may, therefore, show some subtle warnings to the user such as a change in color of the padlock on the taskbar. The warnings may, however, go unnoticed by the user and thus by the time the user realizes that phishing has occurred, the hacker has already stolen the login credentials.

How It Works

Compromised WordPress websites have been used to carry out numerous phishing scams and in spreading malware. A considerable percentage of WordPress sites run plugins that are vulnerable to external attacks by hackers. Phishers hide the phishing files in subfolders which are not linked to the main pages of the WordPress website. The attacks on the WordPress sites are, therefore, hard to detect because scanning of the WordPress site is unlikely to discover the hidden phishing files. The attacks on the WordPress websites that ultimately enable phishing attacks using the sites is attributable to software vulnerabilities of the WordPress platform and poor passwords and usernames combinations in credentials used by the administrators of the websites.

Dropbox Phishing through Compromised WordPress Sites

Dropbox users may have been victims of phishing through the compromised WordPress website. The security incident happened on August, 2015.The victims of the phishing attempt may have inadvertently revealed their Dropbox passwords to hackers, thinking that they were logging into their Dropbox account to enhance the security of the accounts. The phishing incident led to […]

Imaging System Technology

Decision Support System (DSS) Decision Support System (DSS) is a system that combines data, complex analytical models, and user-friendly software in one powerful system. DSS can support semi-structured or unstructured decision-making. DSS is under user control from the start to the implementation into everyday operations. The basic concept of DSS is to give users the […]

Computer Science Technology: Information Security

The most important issue today is to maintain business or personal data secure. Frequent security breaches on a few major enterprises made data protection against unauthorised access a topical concern. As per definition, data severance is an incident when protected or confidential data has been stolen, viewed, or used in the inappropriate way. Companies all […]

Software Protection Key License

The paper regards the issue of software protection key licenses. The essential aspects the paper touches upon are determination of the software programs and their level of protection, possible ways of protection, the ways of generating key licenses, emulation, etc. When emulation produces no impact on the application, the code does not compile, and the […]

What is Information Architecture?

The development of technologies can introduce significant changes in the daily lives of people. The payment of bank accounts, online shopping, and the order of new equipment from the other end of the world serve as examples, but these are merely the tip of the iceberg. The creation of multimedia platform allows students to obtain […]

Relative Merits and Challenges of the Cyber Security Standards

Cyber security standards are becoming a central concern for the people engaging in development of the computer system. The need for cyber security has struck the whole world due to the increasing use of computer devices. People consider security as a fundamental issue that facilitates the functioning of all the cyber activities. Therefore, managers concerned […]

The Effect of Outsourcing on IT Careers

In the present day business environment, both large scale and small enterprises are increasingly relying on outsourcing to perform some of their business operations. Outsourcing entails delegating some in-house business processes to an outside service provider, after which the outside service provider is liable to run and maintain the business process that has been outsourced. […]

Can Cloud Computing be Secure?

Cloud computing is a term used to refer to several computers that are connected through a communication network such as the Internet. This implies that cloud computing enables people to run diverse programs or applications in several connected computers at the same time. The ideology behind cloud computing emanates from the setup of the network-based […]

Data in Digital Forensic Investigation

It is difficult to ignore the fact that modern society exists in the environment of computer technologies. Furthermore, such technologies have penetrated all fields of human activity. There is no doubt that it is considerable progress of the entire mankind, but it is worth saying that every single phenomenon has negative aspects, as well. In […]

Data Management through Cloud Computing and Its Context in Future

For years, business managers have been struggling with a question whether to adopt cloud computing as a way of managing organization data. This process provides better control, although it can be uneconomical and complicated to implement it. Cloud computing is a new solution for ever emerging issues in business context using internet to rely on […]

The Internet and Ethical Debate on Information Privacy

The main ethical concern that the Internet poses on information is its manipulation, accessibility or inaccessibility. It facilitates simultaneous and wider access to information, some of which is not expected to be available to the publicly. The Internet can also exclude certain people from accessing to information or knowledge about the spreading of information through […]

Quality of Service (QoS) Plan in Cloud Computing

Cloud computing provides well-situated on-order system access to a number of collective build-up computing resources, such as servers, Internets, requests services and storage space. Such system access is stipulated and discharged with the service supplier interaction or negligible administration efforts. In today’s setting, many companies are adopting such cloud computing given that the service permits […]

Tips for Designing Websites

Websites are means of communication where various types of information are posted including videos, text, pictorials, and audio messages (Carey, 2013). The effectiveness of the website designed depends on the first impression that it makes to the online visitor. However, to make the communication aids successful, it is necessary to properly utilize them. An audio […]

Computer Security

Modern society is dominated by the constantly increasing role of computerized systems. Computers have nowadays become an integral part of people’s lives and are used for everything, starting from banking and to shopping and communicating. They store private information, emails, corporate information, and others. It is essential for the user not to lose their information […]

Cyber Standards and Policies

Meta-data is without doubt an intriguing issue today. This paper covers the recent patterns in business intelligence and yet an additional area of consideration of the business enterprise known as cyber security risk. It is not just about whether a server will be hacked; it is about the sorts and measures of information that are […]

Three Forces that are Driving Globalization

The definition of the term “globalization” is versatile and multipurpose. Globalization can be defined as a continuous process that makes countries and citizens interdependent. Furthermore, the process of globalization involves integration in terms of economics, politics and culture. It is important to note that the phenomenon of globalization has  penetrated all spheres of human activity […]


The paper gives justification for the adoption of information system in the provision of government services in the Third World countries, which includes African and Latin American states. Governments normally provide vital services to the citizens and in the same vein provide tenders to the business class. However, in the Third World countries, which are […]