Skip to main content

how to report a massive attack or have special support for urgent/emergency matters?

 

During this monday, we received thousands of emails from suspicious senders. This attack was using an email that we don´t have in our list. It was an email xxxxxx@ourdomain.intercom-mail.com

Which means that these email was in the intercom server collapsing our inbox.

Now I am not sure how to report this incident and haven´t received any support from any intercom agent.

The only think we could do, was to block one-by-one, all the senders. Also, we closed the conversations with a bot.

evidence

hi @jazmin j​ !

 

Have you sent any mass email campaign on Monday using intercom-email.com address as sender or reply-to (not necessarily through Intercom, maybe you are using additional service for this)?

It looks like it could be the case of lots of hard/soft-bounce email notifications that were sent to your Inbox. So not an actual attack.

no, we didn´t. Some one impersonate the email, using an email that we actually don´t have or use, send phishing to a massive list and we received the replies or the rejections in our inbox. We realize that anything before "@ourdomain.intercom-mail.com" is valid and we receive email in our inbox, even if we don´t have that specific inbox seat or email.

OK got it, so to protect in case this is still happening is, I assume, just not to let those email get in Intercom, turn it off if it is not important for your support or lead gen (if you have chat doing that work). And wait for Intercom feedback.

 

P.S. also talk to Intercom about not counting those leads that might have been created as "people reached" - this can have impact on your invoice, ouch! 🙂

Reply


Terms & ConditionsCookie settings