Watch out for proton phishing emails
-
if it's actually proton.me that's an official url.
-
In this case, without clicking any links in the email, why don't you just simply go to the proton website manually and log in for good measure?
-
That is their official email address. Did you make an Alias or something and you forgot?
-
Don't Proton emails come starred or marked as oficial? At least on the Android app, for me, it shows 'Oficial'
-
I'm not sure if this is how proton notifies you, but it could also be that someone else (the other address you're seeing) put you in as their recovery mail. they haven't logged in in a while, and now get notified that their account might get deleted due to lack of activity. They might have just mistyped the intended recovery email or randomly put in yours.
Either way, nothing you need to do. -
I did, I have the app on the phone and the account is fine, no notifications or emails. Nothing… it happened already some weeks ago and i ignored it.
-
I’m starting to think I’m wrong somehow... Maybe i made an account long ago and forgot? I really don’t think so tho.
-
does it have the "official" tag? it should look like this:
-
They may have the 'official' url in the link, but there's a good chance they might be piped/redirected through a malicious server under the spammer's control to log your keystrokes.
-
I've seen at least a couple times a similar trick but with payment req websites like cash app or venmo. Everything looks legit, but if you were to look closely at the url they want you to click, it is almost always routed through a server under the phisher's control.
-
Can confirm in the iOS app that messages from proton official have a special badge
-
Its possible some wires got crossed behind scenes, some database/software mixup.
Maybe email proton support if you're concerned? I've had some similar mixup happen with banking and they got it all sorted after I complained (I was getting emails intended for someone else).
-
This looks like they’re using the iOS mail client
-
Are you using the iOS mail client with a proton email account?
-
It could also be some IDN tricks. Most browsers translate mixed scripts into punycode nowadays, but it can be easy to get tricked. Just go to their official site if you're unsure.
For example: https://xn--prtn-1ndb.me/ looks like a normal link... but the O's have been replaced with the Greek letter omicron.
-
Interesting. I am blind and therefore use the TalkBack screen reader and it does not say the O's because they are not in English. It reads that as PRTN.
-
the address there can be faked, maybe your email client did not warn about it. if you can check the mail's headers (maybe easier on desktop), look at all the addtesses you see in there and if thry seem suspicious.
-
this is really insightful, thanks!
-
OP stated this was sent to their Gmail, so wouldn't have the tag.
-
Wondering if someone somehow linked your Gmail (email you received this on) to their proton account. I was looking for an email you could forward this to to report it to proton but could not find one.
As always, if an email looks suspect, don't click anything. Just wish there was a way to report it.
