I downloaded what purported to be the latest version of DropBox and paid the fee ($15). Version 3.0.4 (4449). I can’t figure out how to use it yet, but I began to wonder whether it’s a fake. If I click on the profile button it says “Sing out” rather than “Sign out” and below that the word “Actions” is misspelled “Acctions.”
I just want to move a bunch of photos I have uploaded into a folder and share them with the office I volunteer for.
It looks like I indeed downloaded a fake. I deleted every file I could find related to it. I then navigated more carefully to the DropBox site, downloaded the free copy and installed it. It now looks and functions like the old version.
Looks like i’m out $15. Hope it didn’t leave anything nasty on my iMac.
FWIW, I needed to send a bunch of photos through Dropbox last night after not using it for 2 or 3 years, and in the process downloaded a new version with no request for payment. The version of Dropbox on my Mac evidently took me to the right place needed for the upgrade.
If you don’t mind telling us, how were you led to a scam download? Did a link appear at the top of a Google search? Or did you follow a hyperlink in an email? Or was it something else?
(I’m asking both to help anybody who reads this thread in the future and because there’s a related recent discussion about scam phone numbers)
“Official looking” is not hard for any Tom, Dick, or Harry to accomplish. Always check the URL of any download page very carefully. I always go straight to the publisher’s site if it’s not an App Store offering.
Someone really ought to sue Google for being complicit in these scams. The only way they’re going to end is if the search engines start being a little more careful about the advertising they accept and the misuse of trademarks.
In addition to getting a new credit card number, make sure you change your dropbox password - presumably you tried to enter that into the fake software and gave your password to the scammers. They may have access to all your files.
You’ve learned a valuable lesson. Pay attention to details when installing software. Use the App Store when possible and go direct to 3rd party developer websites to install software. For example, you should have just gone right to dropbox.com and downloaded the official software.
Was the installer a PKG file or a DMG?
Mothers Ruin has wonderful apps to inspect PKGs and App Bundles as well as binaries.
DMG images where you mount and drag and drop to /Applications have everything contained inside the app bundle. (usually) so deleting an app from /Applications is very likely to remove it entirely except for some trace items in ~/Library, etc.
While PKG files are far more dangerous they contain a hierarchal tree of full paths where the files will be copied. It can also run any sort of script or binary executable. Inspecting pkg installers is a must in corporate IT.
Supply chain attacks are becoming more common. Bad actors could have replaced the official PKG with a malicious one, etc. So we always test everything before deploying it to user Macs.