Menu
SendGrid Amazon SES compromise leads to phishing email

SendGrid Amazon SES compromise leads to phishing email

Fake email from 'Sendgrid Renewal Team' does the rounds

Credit: Dreamstime

Email services provider SendGrid has had its service hit by a phishing spoof due to a compromised Amazon SES account.

According to security firm MailGuard, the email purports to come from the 'Sendgrid Renewal Team', using its branding, images and support links.

However, according to MailGuard, the domain used in the email address provided in the “from” field doesn’t belong to SendGrid and comes from a compromised Amazon SES account.

The email informs recipients that their services have “failed to auto-renew and are about to expire”. To rectify the issue, recipients are advised to update their billing information via a link.

Users who click on the link are led to a page that instantly redirects them, then leads them to a legitimate-looking copy of the SendGrid login page, which is a phishing page hosted on a compromised website

If the unsuspecting user submits their credentials, the attacker can harvest them for later use, and the user is then redirected to the actual SendGrid login page.

"Many companies use SendGrid to communicate with their customers via email, or else pay marketing firms to do that on their behalf using SendGrid’s systems," MailGuard said in a blog post.

"Receiving an email informing them that their services are “about to expire” is therefore likely to be alarming among companies. They may want to take immediate action in order to minimise disruptions to email communications with their customers. Cybercriminals hope that in their urgency to rectify the issue, users don’t pause to check for the legitimacy of the email and click on the phishing link."

Although the email has elements such as branding and imagery, MailGuard pointed out that the inaccurate spelling of SendGrid in the email's display name — 'Sendgrid' — and the fact that the email's sender address doesn't use a domain belonging to the company are red flags. 


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags SendGridAmazon SES

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments