Hello,
I just made this account because I received an email saying that the let's encrypt team is contacting me to update the security for my Shopify store.
The scam might be convincing for some so I just wanted to point it out, and since let's encrypt name is being used I thought it should be posted here.
They will ask you to put your Shopify login details and then redirect you to your website.
This the email of the sender: tlsreport@securemailer.net
and this is the phishing page, https://error-prevention-sys.com/?u=(some generated code)
I didn't know what to do with this information, so I wanted to warn people about it
Thanks for posting this! Always good to warn people.
I'm curious, are you actually a Let's Encrypt user? Looking at the blurring you are. And was the e-mail send to an e-mail address you've used for Let's Encrypt usage perhaps?
@lestaff Any idea what this is? And how it can be possible that LE users are being spammed? Or is it perhaps due to a data leak at Shopify?
I'm assuming it's just due to some public email (whois data maybe, or posted on the sites themselves), combined with looking up certificate transparency data.
In terms of "what to do with this information", you can report the sites to Google Safe Browsing and Microsoft Smart Screen (See the links in the FAQ), and you can report the email however you report other spammy emails depending on your mail provider. (You can dig through the headers, find the IP that sent it to your mail system, and find an abuse contact for that IP, but that sadly isn't always worth doing nowadays.)
That does still work, but there is an even more effective approach to use in this case...
Because the email mentioned Shopify, the recipient or LetsEncrypt can reach out to them for "help". Large vendors and tech companies typically have legal and compliance teams that work with ISPs, and they tend to be very effective in deplatforming scammers/phishers.