Phishing link notice
» Published on
-
Post-Mortem
Most domains have cleared with Microsoft, and we are contacting customers as we update the config for these.
» Updated -
Post-Mortem
While the original domains remain blocked with Microsoft, we have moved all affected customers to alternative domains and updated active support tickets. We of course continue to submit take-down requests to Microsoft and monitor affected domains.
» Updated -
Post-Mortem
Although Microsoft have removed the warning for some domains, most are still showing the warning banner in Outlook and Edge, so we continue to report the sites as safe.
» Updated -
Post-Mortem
We continue to submit takedown requests to Microsoft SmartScreen to remove the blocks that have been added after this issue was already resolved.
» Updated -
Post-Mortem
After this was resolved on Monday, Microsoft have started to add phishing warnings to domains that point to Maxemail on Tuesday. These affect click-throughs for Outlook users who also have Microsoft SafeLinks, and users of Microsoft Edge. As there are no active phishing incidents this delay is unexpected. There have been increased SafeLinks bot clicks on existing click-through links, which suggest they are increasing scanning to verify lack of phishing campaigns.
» Updated -
Resolved
Reviews have been submitted to systems that have flagged malicious URIs, with report status of: "Malicious URI redirects have been removed. User account passwords have been reset."
» Updated -
Update
This is an isolated incident linked to a single client. We are continuing to investigate and have removed the affected links so the malicious site warnings can be cleared.
» Updated -
Investigating
We are aware of phishing link notices posted in regards to sites associated with Maxemail. This includes client custom domains that are linked to Maxemail.
» Updated