Forum Discussion

jj1pwd's avatar
jj1pwd
New Contributor
2 months ago
Solved

Phishing email attempt - be careful out there

I just received this phishing email and thought I would share it with the community as a reminder to stay safe and always inspect before you click. I already forwarded the email to 1password (with headers) in addition to reporting it to the abuse email of the campaign service it came from. Not sure how they got ahold of the email though.

 

experience
security tips
  • 1P_SimonH's avatar
    1P_SimonH
    2 months ago

    Thank you to everyone who shared information about the phishing emails they received. We appreciate the community working together to keep each other safe!

    As others have suggested, we believe these emails were sent to a large number of people in the hopes that some of them happened to be 1Password users. We've identified the platform used for sending the phishing emails and reported it to their security team. Additionally, we can confirm that the phishing domain has been taken down.

    If you ever receive emails like these claiming to be from 1Password, you can always email abuse@1password.com to confirm whether they’re legitimate. If you opened the link in the phishing email or any other suspicious links and entered your details, contact support@1password.com and we’ll be able to help.

    You can learn which domains 1Password uses to send emails and what links are used for marketing, so you can validate messages you receive, using this guide: 1Password email and marketing domains Support.

    Thank you all again and let us know if you have any questions!

3 Replies

Sort By
  • 1P_SimonH's avatar
    1P_SimonH
    Icon for Community Manager rankCommunity Manager
    2 months ago

    Thank you to everyone who shared information about the phishing emails they received. We appreciate the community working together to keep each other safe!

    As others have suggested, we believe these emails were sent to a large number of people in the hopes that some of them happened to be 1Password users. We've identified the platform used for sending the phishing emails and reported it to their security team. Additionally, we can confirm that the phishing domain has been taken down.

    If you ever receive emails like these claiming to be from 1Password, you can always email abuse@1password.com to confirm whether they’re legitimate. If you opened the link in the phishing email or any other suspicious links and entered your details, contact support@1password.com and we’ll be able to help.

    You can learn which domains 1Password uses to send emails and what links are used for marketing, so you can validate messages you receive, using this guide: 1Password email and marketing domains Support.

    Thank you all again and let us know if you have any questions!

  • norysang's avatar
    norysang
    Frequent Contributor
    2 months ago

    ajh0912not necessarily, there's already a https://www.reddit.com/r/1Password/comments/1j8wxya/comment/mh9xkq9/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button from a user that received the phishing on an address not associated with 1Password while the one linked to 1Password didn't receive it (so far).

  • ajh0912's avatar
    ajh0912
    Dedicated Contributor
    2 months ago

    There's at least 11 other people in this reddit thread who have received the same email: https://www.reddit.com/r/1Password/comments/1j8xclx/just_got_a_phishing_email_definitely_not_from/
    No certainty yet about where the email addresses were sourced from, but it's clearly spear phishing and they know the individuals are 1Password customers.