Miscellaneou$

SendGrid Phishing Scam Attempts

TL;DR

Over the past few days I started getting a bunch of weird error emails in my inbox from, what seemed to be, SendGrid. The subjects all looked technical; things like “API Endpoint Failure” or “messages are not processing via /v1/send”. Enough to make any developer raise an eyebrow 🤨

What’s going on is simple: some mail servers seem to have been compromised over the holidays and a bunch of not-so-nice people are sending phishing emails posing as SendGrid.

Now, if you’re not using SendGrid, you’d probably ignore them right away.

However, the goal is to get you to click a link that leads to a page that looks exactly like the real SendGrid login — and if you’re not careful, enter your real credentials (which they’ll happily store for future use 😅).

What makes this unusual is that Google hasn’t flagged these as spam yet, so be wary.

What You Should Do

Don’t click any links in the message.
Mark the message as spam or phishing in your email client.
If you do use the service, open your dashboard manually and check logs rather than clicking through the email.

Examples

Here are just some examples, so you can get an idea of what to look for. One common sign is that the email claims to be from SendGrid, but the domain in the “signed-by” field is something you’ve never heard of.