2 points | by splittydev 20 hours ago ago
5 comments
Can confirm, I've got a DKIM passing email today asking me to sell my "Illuvium". DKIM auth result header:
> Authentication-Results: spamfilter01.heinlein-hosting.de (amavisd-new); > dkim=pass (2048-bit key) header.d=autodesk.com
For this DKIM-Signature:
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=autodesk.com; > h=from:subject:mime-version:list-unsubscribe:content-type:reply-to: > cc:content-type:from:subject:to; > s=s11; bh=...
MTA:
> Received: from ec2-3-8-140-122.eu-west-2.compute.amazonaws.com (unknown) > by geopod-ismtpd-13 (SG) with ESMTP id n5WDORJ6Taauv7FuUNA9Ug
I wonder if just their DKIM selector got stolen or someone owned their AWS accounts as well?
I also got the same email an hour ago. noreply@autodesk.com with subject "New Alert!". At first I was wondered why this OpenSea type scam email didn't automatically go into the spam folder, turned out to be from a verified domain.
I contacted Autodesk on X, as well as the CEO and CTO, but nobody seems to care so far.
I've got two emails in the last hour from them as well. (Opensea.io noreply@autodesk.com)
It's ridiculous that they're not reacting to this at all.
Can confirm, I've got a DKIM passing email today asking me to sell my "Illuvium". DKIM auth result header:
> Authentication-Results: spamfilter01.heinlein-hosting.de (amavisd-new); > dkim=pass (2048-bit key) header.d=autodesk.com
For this DKIM-Signature:
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=autodesk.com; > h=from:subject:mime-version:list-unsubscribe:content-type:reply-to: > cc:content-type:from:subject:to; > s=s11; bh=...
MTA:
> Received: from ec2-3-8-140-122.eu-west-2.compute.amazonaws.com (unknown) > by geopod-ismtpd-13 (SG) with ESMTP id n5WDORJ6Taauv7FuUNA9Ug
I wonder if just their DKIM selector got stolen or someone owned their AWS accounts as well?
I also got the same email an hour ago. noreply@autodesk.com with subject "New Alert!". At first I was wondered why this OpenSea type scam email didn't automatically go into the spam folder, turned out to be from a verified domain.
I contacted Autodesk on X, as well as the CEO and CTO, but nobody seems to care so far.
I've got two emails in the last hour from them as well. (Opensea.io noreply@autodesk.com)
It's ridiculous that they're not reacting to this at all.