CircleCI and GitHub users targeted by phishing campaign

by

CircleCI has sent out a notice to its customers that a phishing email scam is targeting their users, as well as those on GitHub, in an attempt to harvest credentials.

The CircleCI Security Alert included a copy of the malicious email which told recipients that the companies were working together to launch new terms of service on CircleCI and GitHub accounts.

“As a result of this update, all users will be required to review and agree to the new Terms of Service and Privacy Policy in order to continue using CircleCI services,” the fake email reads.

Below the notice was a malicious link tricking users into logging into their GitHub account through CircleCI to agree to the new terms.

CircleCI assured its users that the company would not require customers to log in to review their terms of service, and pointed out that the malicious link sent victims to circle here[.]coma domain that does not belong to the company.

“We have no reason to believe that your organization has been specifically targeted or that your account has been compromised, but we want our customers to be aware that there is a phishing attempt in progress and to exercise due diligence. caution,” CircleCI explained in the advisory. active phishing attack to its customers.

Keep up to date with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly straight to your inbox.

You may also like

Leave a Comment

About Us

Times Global Will keep you updated To the Latest News Around The Globe..

Feature Posts

Newsletter

Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Subscribe To our Newsletter

Join our subscribers list and get Latest News directly to your inbox.