Anything that cyber criminals can exploit to gain your trust and trick you into downloading malware will be used in attacks at some point. It’s not a matter of if, it’s a matter of when.

Since a lot of people use WeTransfer, the emails they send are usually trusted and opened immediately. Online criminals take advantage of this and forge emails that looks exactly like the ones sent by WeTransfer.

The malicious actors use details (names, email addresses, etc.) stolen from other victims and create the emails so that they look like the real deal.

Once the victim received the email and downloads the archive, he/she will most likely open it. The problem is that the archive is loaded with Cerber ransomware, which will encrypt all the data on the PC and ask for ransom to unlock it.

This doesn’t mean that WeTransfer has been compromised – they’re victims, just like you can be.

The entire attack is based on social engineering tactics, which use psychological manipulation to get their way. You can read more about it here: WeTransfer random name at your own domain has sent you a file malspam delivers cerber ransomware.

Top tip: always, ALWAYS analyze an email before opening it or before clicking on suspicious links and attachments. Especially if it comes from an unknown sender.