Thursday, February 4, 2021
Our anti-abuse team recently blocked a sophisticated phishing email that may have made into some of your mailboxes. We have since taken measures to block the abusive IP address of the sender and remind you to exercise caution with links in emails. Especially when they are asking you to login or validate your account.
Tips to prevent compromise from spoofed or phishing emails
- Only log in to Webmail via webmail.thexyz.com
- Do not share your password with anyone, including Thexyz Support Team
- Beware of links in emails and if in doubt, do nothing
- Follow best security practices by reviewing the resources below
Resources for best security practices
- Learn how to identify phishing and spoof emails
- Enable MFA on your account with a two-factor authentication app like Authy
- Report spam and report phishing to help with our anti-abuse efforts
- If using a custom domain, ensure DKIM, SPF, and DMARC is enabled on the domain
An example of the email is pictured below.
Our anti-abuse team has blocked a sophisticated phishing email that appears to be from Thexyz Support Team.— Thexyz (@thexyz) February 4, 2021
As always, exercise caution with links in emails as it may have made it into some of your mailboxes.
An example of the message is shown below. Stay safe! pic.twitter.com/flXuAR8v30