Log in directly to the service you're using (Dropbox, WeTransfer, Google Drive) through your browser instead of clicking the email link.

If you didn't expect a file, or download attachments. Here is how to handle it safely: 1. Identify the Red Flags

Hover your mouse over the sender's email address. If the domain (the part after the @) looks like a string of random characters or doesn't match the service it claims to be from (e.g., download-file-123@suspicious-site.com instead of @dropbox.com ), it’s a scam. 3. Safe Ways to Proceed

Mark the email as Spam or Phishing and delete it immediately.

If you already clicked a link or downloaded something, disconnect your device from the internet and run an immediate antivirus scan .

These are often used to track who opens the email or to make a scam look like a technical system notification. 2. Check the Sender

Real services usually address you by name.