Spammers are abusing a Dropbox feature that lets users share a shortened link, directing people to websites selling questionable pharmaceuticals, according to security vendor Symantec.
Dropbox, the file-sharing and synchronisation service, has a public folder that is dedicated to sharing content. Dropbox’s URL (uniform resource locator) shortening service can be used to create links to content in that public folder.
Spammers have seized on this and are creating shortened links to images stored in the public folder. The images contain a link to online pharmaceutical retailers, wrote Nick Johnston, a senior software engineer at Symantec.
We saw over 1,200 unique Dropbox URLs being used in spam over a 48-hour period, Johnston wrote.
We have informed Dropbox, providing them with the full list of URLs — via redwolf.newsvine.com