Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SECURITY ALERT: Phishing Emails Targeting Atlassian Customers

Dan Hranj
Dan Hranj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 21, 2023

We’ve received reports of a sophisticated phishing campaign targeting Atlassian customers.

These malicious emails use forged email headers to appear legitimate and seek to obtain user credentials by linking victims to phishing sites that closely resemble Atlassian domains. 

These can be hard to spot, so we ask that customers exercise caution when engaging with links and/or requests for user credentials in emails that appear to be from noreply@am.atlassian[.]com received before 2023-06-19.

Below is an example of a phishing email and a list of phishing domains reported by Atlassian customers, though threat actors may be using additional assets.

  • app-atlassian[.]com

  • verify-atlassian[.]com

  • cableos-atlassian[.]com

  • apac-atlassian[.]com

  • confirm-atlassian[.]com

  • support-atlassian[.]com

 Screenshot 2023-06-20 at 13.41.12.png 

Please change your passwords immediately if you believe you may have entered your Atlassian credentials into a phishing site.

Atlassian’s security team has contacted the phishing domain registrars to request deactivation and taken additional steps to improve the security posture of our domains to prevent these types of attacks from occurring in the future.

Your security is our priority, and we appreciate your partnership in remaining diligent. Please contact Atlassian Support with any questions and report any similar phishing attempts to security@atlassian.com.

Comment
Watch
Like # people like this
10861 views

4 comments

Comment

Log in or Sign up to comment
Mayur Jadhav
Mayur Jadhav
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
June 22, 2023

Hi @Dan Hranj ,

Thanks for the information. Can you please confirm if this email id is from Atlassian ?

e.atlassian.com

Like Thomas Gaffney likes this
Reply
Dan Hranj
Dan Hranj
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 23, 2023

e.atlassian[.]com is unaffected by this issue.

Like Monique vdB likes this
Pippin Wallace
Pippin Wallace
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 24, 2023

It would be helpful if you specified not only Atlassian legit domains but also how to spot malicious domains that are trying to mimic Atlassian.
I can see from this alert that domains with a hyphen (-) are suspicious but does Atlassian ever use a hyphenated domain?

Like Jennifer Marshall likes this
Reply
Inna S
Inna S September 28, 2023

Hi @Dan Hranj ,

any way to subscribe to this kind of notifications?

I am a site admin and I did not receive this alert via email or the in-app pop-up or anything. 

Thank you.

Like
Reply
Fook Lee
Fook Lee
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
October 24, 2023

I received one titled "Your payment has been processed for the invoice IN-000-587-620" today, the "Contact Us" URL being contact us.  Is this legit?  

Like
Reply
DarwinV
DarwinV
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
February 15, 2024

Got the similar email with a PDF attachment of my apparent invoice. The mail came from

no_reply@am.atlassian.com

Like
groups-icon
Trust & Security
TAGS
AUG Leaders

Atlassian Community Events

    See all events