You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
For the third time this month I received an email from Jira stating that I was invited to project and then immediately spammed with a phishing site. I fixed this by creating an account, deleting the issue, and disabling all notifications.
However, they are using different variations of my email:
and so on...
I can't seem to find a proper place to report this. More importantly, I can't believe people can exploit a stable product like Jira so easily. Why would you send me issue notifications before I even create an account?
Edit: I already reported this to abuse address. Nothing has been done to resolve this issue so I'm assuming Atlassian simply doesn't care.
The site that sent this message has already been suspended today. It appears that this site was suspended right around the time you posted here to community. I believe that if you reported this by forwarding it to email@example.com then that report is what helped our team to identify this site as violating our terms of service. Our abuse team is unable to reply to any messages sent to that address though.
Sorry that someone has send you spam with our services. We are working to takedown such sites faster, and prevent users from abusing messaging features of our products.
In the future if you receive spam from an Atlassian Cloud site, I would ask that you please forward that message to that email address firstname.lastname@example.org
Alternatively, you can report it to us here in Community, or you could reach out to our support contact page https://support.atlassian.com/contact
Yes, I saw that it was suspended. The first one one wasn't suspended for a full week, which is frustrating. It would be nice if Jira filtered out emails with a period or with a +, this would make abuse much harder.
Or, requiring email verification before sending anymore emails would be a much better solution.
Either way, thank you for the fix.