# dropbox-prod.adobemsbasic.com — MALICIOUS

> dropbox-prod.adobemsbasic.com is a fake Dropbox page hosting an active phishing scam. 10/95 security vendors flagged this domain, which resolves to IP 13.57.170.

## Summary
dropbox-prod.adobemsbasic.com is a malicious website that impersonates the legitimate Dropbox file-sharing service to steal login credentials and sensitive data. Threat actors registered this domain to deceive users into entering their Dropbox usernames and passwords on a spoofed login page. Once credentials are harvested, attackers can access victims’ cloud storage, exfiltrate sensitive files, and pivot to other accounts using the same passwords. The domain mimics Dropbox branding and file-sharing workflows, making it particularly convincing to users expecting legitimate file links.  PhishDestroy identifies this site as an active phishing campaign. VirusTotal analysis shows 10 out of 95 security vendors detected malware or phishing content associated with this domain. Public records reveal it was created on February 19, 2015, and is registered through NOM-IQ Ltd dba Com Laude, a registrar often exploited in bulk domain registrations. Despite its age, the domain remains active and continues to evade detection due to its convincing branding and intermittent hosting patterns. The SSL certificate issued by DigiCert Inc is fraudulently used to mimic legitimate security, further increasing user trust.  If you visited this site, do not enter any login credentials or personal information. Assume your Dropbox password and any reused credentials are compromised. Immediately change your Dropbox password using the official site (dropbox.com) and enable two-factor authentication. Scan your device for malware using reputable antivirus software like Malwarebytes or Windows Defender. Review your Dropbox account activity for unauthorized file access or sharing. Notify your IT team or security administrator if this occurred on a work device. Monitor your email and financial accounts for signs of credential misuse or phishing follow-ups. Always verify sender URLs by hovering over links and only access Dropbox through bookmarked or official domains.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registered: 2015-02-19 23:42:01
- Registrar: NOM-IQ Ltd dba Com Laude
- IP: 13.57.170.54

## Detection Status
- VirusTotal: 10 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 1 hits
  Lists: ["PhishingDB"]

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/1178c6b3-c2aa-48d0-90bb-638ee8adb29f
- PhishDestroy: https://phishdestroy.io/domain/dropbox-prod.adobemsbasic.com/
- LLM endpoint: https://phishdestroy.io/domain/dropbox-prod.adobemsbasic.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/dropbox-prod.adobemsbasic.com/
Last updated: 2026-03-23