A new CircleCI phishing email has been circulating in an attempt to obtain CircleCI and GitHub login credentials. The email is well written and does not have the obvious telltale signs of a scam such as spelling mistakes and poor grammar.
This is a scam and CircleCI have stated that they "will not require users to login to review any updates to Our Terms of Service".
The emails contain links to the circle-ci.com domain which is not owned by CircleCI. All legitimate links to CircleCI should be to circleci.com (without the hyphen) or its sub-domains.
As with all emails that you receive, it is important to be very careful before clicking on any links and to be sure that you are certain those links are going to a legitimate site.
See more tips for staying safe from phishing scams.
If you believe that you may have clicked one of the links in this phishing email, it is important to immediately update your passwords for both CircleCI and GitHub to prevent any unauthorised use of your accounts. You should also audit your system for any unauthorised activity.
If you have any concerns or questions about this phishing email, you can reach out to the CircleCI team directly for further assistance.
Example of CircleCI Phishing Email
Examples of Email Subject Lines
The phishing emails have been circulating with a number of different subject lines:
- [Action Required] Your CircleCI services have been updated
- [Action Required] - Your CircleCI services have been updated
- Important changes made to your CircleCI services
- Your CircleCI account and services have been changed
- Your CircleCI Services will be disabled