Weird Email from Dropbox saying my Dropbox app is out of date 2

This happened Saturday, 2014 Aug 16.

• I received an email allegedly from Dropbox.
• It says my Dropbox app is out of date.
• Strange, because the Dropbox app updates itself, silently and automatically.
• I check my Dropbox version.  It is Dropbox 2.10.27.  Is this the latest, I don't know?
• By the way, I have Mac OS X 10.10 Yosemite DP5.
• The email (HTML) contains an "Update" button anchored to:
• That looks legitimate.
• So I click the button.  A web page opens, a download begins, disk image decompresses, appears. 
• I double-click the decompressed   Gatekeeper (Apple security feature built into OS X since late 2012) pops up a dialog, tells me that app is not allowed to launch because it is from an unidentified developer.  Eeek!
• I check the version of the decompressed app, (Contents/Info.plist).  It says that it is version 1.0.  Well, definitely that explains why it would not have been signed for Gatekeeper, if it is indeed Dropbox 1.0 which was published in 2010.  But it also would definitely not be an update from my current version 2.10.27.

# # #

It seems like either the Saturday night crew at Dropbox has made a major mistake, or this is some kind of new phishing attack that came pretty close to succeeding.

I have reported this to Dropbox support.  We’ll see what they say!

UPDATE MONDAY AUG 18 14:00 Pacific

I received a reply from Dropbox:

Thanks for contacting us! This email is actually from us and is not phishing, so go ahead and update your version of Dropbox if you haven't already. 

We regularly release new versions of the Dropbox app with additional features, better performance and security enhancements. These updates are automatically applied in most cases, but certain conditions can prevent the update from completing. When this happens, we notify you either through the Dropbox app itself or via email about this situation.

If you received this message, the solution is as simple as getting the latest version from our download page:

More information about the update process and how to continue using your Dropbox can be found here:

I hope this information helps!


And if I click on that link, there is a big blue button offering “Dropbox 2.10.28 for Mac”.  So, apparently there is a new version, and probably what Aubrey says is all true, as far as it goes.

My explanation is that

• Someone in the Dropbox weekend crew accidentally posted Dropbox 1.0 instead of the latest version of Dropbox.
• Dropbox’ automatic updater ran on my computer.
• It failed to install, possibly because Apple’s Gatekeeper would not allow the old unsigned Dropbox 1.0 which it found.
• The installation failure triggered Saturday's email to me.
• Sometime between Saturday and now, someone at Dropbox took down the 1.0 and posted the correct, latest version.

Anyhow, it looks to be fixed now.  I’ll just wait a week and probably Dropbox will update itself.