Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

spam from am.atlassian.com

Patrick
Patrick July 20, 2022

Anyone else getting massive amounts of spam from accounts on am.atlassian.com in form of team invitations?

We're getting repeating sequences of identical invitations ("Your team is waiting for you to join them") within a couple of hours (up to ten per invitation). Targets are email adresses that are not registered with atlassian.

This should be suppressed by atlassian! Invitations should be one-offs and unrepeatable to prevent spam!

atlassian sender accounts are (for example):
noreply+d7761f353ae60b68d9d81f6b08db651cf181a844b39726a7c4008e54@am.atlassian.com
noreply+c221107451071e0ac05d5028e002a7b9a36d7fec3e84f815f6221d7c@am.atlassian.com

invite-links go to
https://id.atlassian.com/signup/invite?signature=.......

content are typically of type:
You've been invited to collaborate on Facebook (3) missed messages!I want sex. https://---DONTKLICK---cutt.ly/uLCD2CJ
You've been invited to collaborate on Facebook (6) missed messages Anna want sex. https://---DONTKLICK---bit.ly/3PGjCXi


 

Answer
Watch
Like # people like this
3956 views

2 answers

0 votes
Joris
Joris March 29, 2023

Helpfull post this. I recieved the same kind of email today and since I was in doubt whether this is spam/phishing, I did a quick Google search and found this.
Now waiting for a reply from Atlassian ;)

Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
July 30, 2022

Welcome to the Atlassian Community!

I don't think these are actually coming from Atlassian systems.  It's a doddle to put a different "from" address on an email, so it, on the surface, looks like it's from a user at another domain.

I suspect someone has done that, and nicked the text from an Atlassian signup email to make it look a bit more genuine.

Best thing you can do is forward some of them to abuse@atlassian.com - they will want all the headers and trace info, so please use a simple "forward" in your send, don't try to save the email and attach it.  Also, they're not really too bothered about explanations!  They know there's a problem with spam, they just need the raw data or the incoming email.

View More Comments
Patrick
Patrick August 2, 2022

Well, according to the headers, they indeed come from am.atlassian.com

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 2, 2022

It's a bit more work to spoof the headers, but the answer remains reporting it to Atlassian to see if it really is from there.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Account
TAGS
AUG Leaders

Atlassian Community Events

    See all events