Phishing email from cloudflare

Can someone comment on a recent email I apparently received from Cloudlfare with the following content which I think is a phishing attempt. I have logged into my account and there is NO information relative to this email. If. it is in fact a phishing attempt, Cloudflare should be aware and take appropriate action to ensure that ALL coms to clients are simply and advisory to log into our account.
BTW, there is NO method to advise cloudflare security of an issue like this…

thanks for your input
Christian L.
CANADA


Cloudflare has detected that your configuration is using our Authenticated Origin Pulls feature. Recently, we renewed the certificate that our edge network presents to your origin due to the upcoming expiration of the current certificate on January 11, 2020 .

To ensure uninterrupted service, you need to update your origin server to authenticate with the new authenticated origin pull certificate anytime before January 11, 2020 .

You can find the updated certificate and follow the instructions for updating popular origin servers in this Cloudflare Help Center article: https://support.cloudflare.com/hc/en-us/articles/204899617/

Need help? Please contact us at https://support.cloudflare.com/

Thanks again for choosing Cloudflare!
The Cloudflare Team


Why would you think so?

That email is authentic and has been discussed here on the forum yesterday quite extensively. Please use the search.

Ok my bad. The link in the message pointed to the http://go.sparkpostmail1.com and Protonmail will NOT permit this link to go through. Call me paranoid !
thanks

Alright, that I cant tell as I didnt receive the message, but there is a good chance it didnt link to where is seemed to as it seems to be fashionable these days to have a gazillion tracking redirects.

Anyhow, the gist is, if you use Authenticated Pulls make sure you check on your server side for the new certificate. If you dont you can safely ignore the message.

I’d still recommend to use the search as that is probably explained more in detail in aforementioned threads.

Same here, the email got flagged as “scam” by Thunderbird.

Reference page on contacting here:

For similar types of questions/verification in the future, I’d go the option on the right side of the above page and contact Support. They are “always on”, wired into every other group in Cloudlfare, and prepared to respond to these types of questions. That’s also the route suggested in the email.

To contact Cloudflare Customer Support, login & go to https://dash.cloudflare.com/?account=support and select “Get more help” at the bottom of the page.

This topic was automatically closed after 14 days. New replies are no longer allowed.