Someone keeps registering for cloudflare using my email addresses

Hi Community!

In the last week, I’ve received two “[Cloudflare]: Please verify your email address” emails from cloudflare to different emails at my company, however I don’t use Cloudflare and didn’t sign up to it.

A few days ago I received one to: [companyname] (a gmail address that I don’t use but which I registered a while ago, just to reserve it). This morning I received one to [email protected][].

The emails look legitimate and the activate links do go to cloudflare.

In the first case, I didn’t click any links, went to cloudflare directly, performed a password reset and took control of the account. I’m about to do the same for the [email protected] account, but I want to know why someone is doing this.

Is there some kind of early stage attack under way? Are they probing for something? Why is someone doing this?

I contacted Cloudflare’s support email but haven’t heard back yet. When I received the second account attempt this morning I thought I’d reach out to the community and see if anyone has experienced this before. I can write one off as a mistake, but when it happens again it seems that someone is doing this intentionally.

Do you have any thoughts or suggestions?



The same thing happens to me at various email addresses of mine. Some people just have no clue as to what their actual email address is.

There’s nothing Cloudflare can do about people who do stuff like this.

Mark such emails as spam and forget. Who & Why cannot be found easily, but the best thing you can do is refrain from clicking such links. It could be some kind of email-based hack or a typo error.