Identified Scam:

CircleCI Phishing Email: Attempt to Obtain Login Credentials


Verified.org
Updated 22 September 2022
CircleCI Phishing Email: Attempt to Obtain Login Credentials
Share to
Identified Scam:
Key Finding

Phishing email asks you to accept updated CircleCI terms of service and privacy policy.


Key Risk

Scammers will steal your login credentials for CircleCI and GitHub and could perform destructive actions on your accounts.

Sections on this page
  1. Example of CircleCI Phishing Email
  2. Examples of Email Subject Lines
  3. Frequently Asked Questions

A new CircleCI phishing email has been circulating in an attempt to obtain CircleCI and GitHub login credentials. The email is well written and  does not have the obvious telltale signs of a scam such as spelling mistakes and poor grammar.

The phishing email warns users of a change to the CircleCI terms of use & privacy policy which need to be accepted to continue using the CircleCI service.

This is a scam and CircleCI have stated that they "will not require users to login to review any updates to Our Terms of Service".

The emails contain links to the circle-ci.com domain which is not owned by CircleCI. All legitimate links to CircleCI should be to circleci.com (without the hyphen) or its sub-domains.

As with all emails that you receive, it is important to be very careful before clicking on any links and to be sure that you are certain those links are going to a legitimate site.

See more tips for staying safe from phishing scams.

If you believe that you may have clicked one of the links in this phishing email, it is important to immediately update your passwords for both CircleCI and GitHub to prevent any unauthorised use of your accounts. You should also audit your system for any unauthorised activity.

If you have any concerns or questions about this phishing email, you can reach out to the CircleCI team directly for further assistance.

Example of CircleCI Phishing Email

 

Example of CircleCI Phishing Email

Examples of Email Subject Lines

The phishing emails have been circulating with a number of different subject lines:

  • [Action Required] Your CircleCI services have been updated
  • [Action Required] - Your CircleCI services have been updated
  • Important changes made to your CircleCI services
  • Your CircleCI account and services have been changed
  • Your CircleCI Services will be disabled

Frequently Asked Questions

Do CircleCI require users to login to review updates to their Terms of Service?

No, CircleCI will not ask users to login and accept changes to their terms of service.

What Should I Do If I Clicked a Link in The Phishing Email?

You should immediately update the passwords for your CircleCI and GitHub accounts to prevent any unauthorised activity.

Comments