Statement Details

Information on the SAA Phishing Email Attack

Oct 02, 2024
On October 1, 2024, the SAA experienced a phishing email attack.

Before you read farther, please delete any emails that you received yesterday “from” emma_sunseri@saa.org that has the subject line “DROPBOX” or “from” no-reply@dropbox.com that begins with the subject line “Emma Sunseri shared...” These are the phishing scam emails, and you should delete those messages immediately.


Please immediately delete the phishing emailsIf you did not click on the link or open the file (even if you opened the email and read it), you should not be impacted further. To be extra-cautious, reset your password.

If you clicked on the link and/or downloaded the file, please contact your IT administrator right away. You need to reset your password to your email and to any sensitive accounts that use your email address (as hackers can use your email access to reset passwords and gain access to those other accounts). Your IT administrator should force all users to log in again using your new password.

Unfortunately, you may also need to email your contacts warning them not to open an email purportedly “from” you or “from” Dropbox.

The SAA’s IT manager identified the cause of the attack and took remediation steps. We reported the phishing emails to Dropbox (abuse@dropbox.com), the Anti-Phishing Working Group (reportphishing@apwg.org), and to the Federal Trade Commission.

 SAA staff reached out to all email recipients in a separate email message yesterday to help make sure the phishing messages are identified and deleted.

 We are working with our IT manager to enhance our security measures so that something like this does not occur again, and we apologize for any inconvenience.