Possible SPAM from SitePoint?

Hello, all,

I just went through my SPAM folder, and noticed that there was an email claiming to be from “SitePoint Forums”.

The link included in the email was for a FQDN “sitepointforums.com”. I’m pretty sure it was a phishing attempt. I just wanted to post and ask if the email was legitimately from SPF? I haven’t deleted it, yet, so can still get header information, if it will help.

V/r,

:slight_smile:

That does look suspicious, as you can see by looking in the address bar the forum domain is

Although sitepointforums.com redirects here so it may be legit.

@Jasmine ?

Hey @WolfShade, that doesn’t sound like it’s from us. Would you be able to send me a screenshot of the email content?

@Jasmine, I’ll try to remember to get a screenshot after I get home from work. It was sent on 22 MAR 15, advertising some sort of four-pronged Q&A for something Microsoft related. Don’t remember, exactly.

Thank you,

:slight_smile:

Uh wait, I got that too. I don’t think that was spam though? I got this on the 23rd.

I have HTML and graphics disabled in all of my email clients, so I can’t say if it is the same email. If it’s legit, it does have some things about it that kind of triggered flags in my head.

V/r,

:slight_smile:

I have it disabled too but for the purpose of posting this here I did enable it. I can screenshot the disabled version if you please.

Just an FYI, it was legit.

and

Thanks, @cpradio. I’ll stop being leery of it. :smile:

1 Like

I would like to hear your thoughts on what made you leary of it though.

Well, first off is the part where Thunderbird threw it into my Junk folder. Apparently there was sufficient pattern in the outgoing email to cause Thunderbird (via Spam Assassin, I think) to label it as such. I’ve never had any issues with email from SP, before - they have always (until this) landed in my Inbox.

The next trigger was the link to “sitepointforums.com”. Maybe that was a commonly used FQDN before I created my account, here, IDK. But for as long as I’ve had my SPF account (created shortly before the conversion to Discourse), I think the URL was either “forums.sitepoint.com” or (as now) “community.sitepoint.com”. So seeing that different FQDN made me think of hackers/phishers creating a bogus-but-legit-sounding domain in order to get information.

Off the top of my head, that’s all that I can think of. I don’t have access to the email, right now, so can’t bring it up to comment upon it, further.

V/r,

:slight_smile:

2 Likes

Please do, if you think of something else!

1 Like

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.