On the other hand, Dropbox does not see it thoughMicrosoftOneDrive has nearly the same number of users hosting malicious files, but still maintains the highest percentage of malicious file usage growth in quarter-on-quarter, making it the most commonly used hosting service for storing such files. Attackers find these well-known and trusted sites useful because they bypass the initial domain reputation checks performed by the security engine.
Instead of sending an email directly to the target with a malicious content attachment file, the attacker uploads the content to a file sharing site. The target victim receives a new file from the service waiting for their notification, and a link to download the file. Some of these services also provide a file preview that displays the contents of the URL and clicks on the URL without downloading the file. This makes the attack very effective and hard to find.
The report also recommends that users do not store sensitive or confidential documents on publicly-hosted file-sharing sites because millions of victims' email accounts today experience massive phishing.