Suspicious Invoice Email Pretending to be Linode

I got a suspicious email with link such as:

"http://login.linode.com.login.return.to.https.54124843.scrappies.net/cxxxxx/yyyyyy/zzzzz/fffff">https://cloud.linode.com/login

I tried this link in an incognito window and it pulls up a fake login screen!

Guys, anyone else got this type of email?
Looks like spammers or someone is after Linode customers!
Be aware!

I sent the original email to support@linode.com so that they can review it and see if they can do anything about it.

Be aware!
Thanks,

Kabir
Long Time Linode Customer

2 Replies

I received two fake notices on Dec 21 at my main e-mail address. One was a notice of a new invoice that said it was due today and would be automatically billed, and it was not in a normal style. The other was a fake event notice of a server shutdown but with a server name I didn't recognize. Looks like it's an attempt to get someone to react that a billing mistake was made or one of their servers shut down and go investigate their billing/server status by clicking the links.

@evoknow and @mjplrb The emails you two are referring to are indeed phishing attempts against customers and non-customers alike. We are actively working on ways that will make it more difficult for people to spoof our domain. In the meantime, we do not recommend clicking on the link for the reasons you have stated above.

The below Community site post goes into further detail:

https://www.linode.com/community/questions/19094/phishing-emails-targeting-linode-customers

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct