Dubious E-Mails from osgeo.org accounts

Hello SAC team,

apologies if this is the wrong group to report potentially unusual e-mails sent from OSGeo-accounts.

I have received a string of E-Mail messages from osgeo-related acounts, including secureserver@osgeo.org and NoReply@osgeo.org about the expiration of my OSGeo mail account.

Please find the latest example below.

Can you please confirm these are valid ?

Thanks,
Peter

-- snip --

Dear ploewe ,

Your password for "ploewe@osgeo.org" will expire Today. You are required to update your account by clicking below

Keep Current Password

Note: Microsoft Security Support team will not be held responsible, if no action is taken today.

©Microsoft Security Team.
Microsoft respect your privacy

-- snap --

<peter.loewe@gmx.de>

Moin Peter,

On Wed, 11. Sep 2024 at 15:21:44 +0200, Peter Löwe via Sac wrote:

apologies if this is the wrong group to report potentially unusual e-mails sent from OSGeo-accounts.

I have received a string of E-Mail messages from osgeo-related acounts, including secureserver@osgeo.org and NoReply@osgeo.org about the expiration of my OSGeo mail account.

Please find the latest example below.

Can you please confirm these are valid ?

No, it's not valid. That phishing. There's no password expiry to start with,
the link probably doesn't point at an osgeo site at all and why should
Microsoft be involved in our mail accounts?

Jürgen

--
Jürgen E. Fischer norBIT GmbH Tel. +49-4931-918175-31
Dipl.-Inf. (FH) Rheinstraße 13 Fax. +49-4931-918175-50
Software Engineer D-26506 Norden https://www.norbit.de
QGIS release manager (PSC) Germany IRC: jef on Libera|OFTC

(attachments)

Pflichtangaben (222 Bytes)

Hallo Jürgen,

thanks for your response. That's what I thought. I'm reporting this since the phishing campaign appears rather sophisticated (a string of mails from different pseudo-OSGeo accounts with thematically related topics). I can't judge how many OSGeo accounts are targeted, but maybe a word of warning might be appropriate to prevent infiltration.

Best,
Peter

<peter.loewe@gmx.de>

Gesendet: Mittwoch, 11. September 2024 um 16:41 Uhr
Von: "Jürgen E. Fischer" <jef@norbit.de>
An: "Peter Löwe" <peter.loewe@gmx.de>
Cc: sac@lists.osgeo.org
Betreff: Re: Dubious E-Mails from osgeo.org accounts

Moin Peter,

On Wed, 11. Sep 2024 at 15:21:44 +0200, Peter Löwe via Sac wrote:
> apologies if this is the wrong group to report potentially unusual e-mails sent from OSGeo-accounts.

> I have received a string of E-Mail messages from osgeo-related acounts, including secureserver@osgeo.org and NoReply@osgeo.org about the expiration of my OSGeo mail account.

> Please find the latest example below.

> Can you please confirm these are valid ?

No, it's not valid. That phishing. There's no password expiry to start with,
the link probably doesn't point at an osgeo site at all and why should
Microsoft be involved in our mail accounts?

Jürgen

--
Jürgen E. Fischer norBIT GmbH Tel. +49-4931-918175-31
Dipl.-Inf. (FH) Rheinstraße 13 Fax. +49-4931-918175-50
Software Engineer D-26506 Norden https://www.norbit.de
QGIS release manager (PSC) Germany IRC: jef on Libera|OFTC
norBIT Gesellschaft fuer Unternehmensberatung und Informationssysteme mbH
Rheinstrasse 13, 26506 Norden
GF: Juergen Fischer, Nils Kutscher HR: Amtsgericht Aurich HRB 100827
Datenschutzerklaerung: Datenschutz - norBIT GmbH

Hi Peter,

On Thu, Sep 12, 2024 at 6:26 AM Peter Löwe via Sac <sac@lists.osgeo.org> wrote:

thanks for your response. That's what I thought. I'm reporting this since the phishing campaign appears rather sophisticated (a string of mails from different pseudo-OSGeo accounts with thematically related topics). I can't judge how many OSGeo accounts are targeted, but maybe a word of warning might be appropriate to prevent infiltration.

Well, I get this stuff daily in all the inboxes I have. Unfortunately,
part of ‘online life’ is carefully checking invitations to click
before you click.
And tomorrow these emails will look different again...

Best
Markus