23rd June 2017

Email Phishing Campaign

Today we noticed that a new customer had begun a phishing campaign in our name. They signed up using a stolen credit card and a VPN. They proceeded to send email to a little over 1,000 people (not necessarily customers of ours, just random people) claiming the email to be from service@mxroute.com. For this reason, while weighing possible options to prevent such a thing in the future, we will be re-enabling a feature disabled some time ago due to user request. You will not be able to adjust a From header, our mail server will rewrite it to match the account that you are logged in with. This is to discourage customers from spoofing email from other customer domains, including ours, while passing SPF checks. I'm afraid this is not negotiable.

If you see an email from service@mxroute.com, it is NOT us. The subject of this email was "We are not able to connect with you, check our privacy policy updates."