SendGrid email scam (fake) - Free Instructions

SendGrid email scam Removal Guide

What is SendGrid email scam?

SendGrid's name used to steal user credentials

Fake SendGrid phishing email linkEmail link directs users to a spoofing site, where, if entered, the credentials are stolen by cybercriminals

SendGrid is a legitimate marketing platform that is used by many website developers to monetize their content. In order to operate successfully, users need to create an account on the official website and register their credentials. Cybercriminals now came up with an idea to use the company's name to trick already existing users into accessing malicious links that lead to spoofing websites, where they are asked to enter their login information.

Once that is done, malicious actors manage to get user login details without problems and then hijack the official account. This information can be later used to be sold online on hacking forums, for illegitimate purchases, or for further phishing[1] attempts. Without a doubt, this social engineering attack can cause significant damage to the user.

If you have received an email from SendGrid that doesn't seem right – ignore it immediately. If you have already clicked on malicious links, entered your information, or downloaded something on your system, make sure you remediate the situation as per the instructions we provide below.

Name SendGrid email scam
Type Email scam
Distribution Spam emails sent en masse
Related domain krebs-sucks.com
Dangers Sensitive information leak to cybercriminals, further phishing attacks, identity theft, malware infection, etc.
Detection Always pay attention to the URL address of the domain – it is one of the main giveaways the the sate is fake
Remediation Change all your personal account passwords, scan your system with SpyHunter 5Combo Cleaner or another reputable anti-malware
System fix If you had malware installed on your system, we recommend you use ReimageIntego repair tool to fix virus damage automatically, avoiding the reinstallation of Windows

The contents of the email and scam techniques

It is not a secret that cybercriminals create scams in order to gain maximum benefit from the attack. Therefore, malware is commonly used along with phishing. In fact, some of the most prominent malware, such as Moqs ransomware, is spread with the help of fake installers on various torrent sites,[2] where people are tricked into believing that they are downloading a software crack or a pirated game installer.

Yes, phishing has been around for many years, although it became much more sophisticated over the years. Fake emails barely included any text inside and only came with a malicious attachment or a link. Since then, threat actors have managed to come up with new techniques that are more efficient in convincing users that email is harmless.

Names of popular companies, such as Amazon or Microsoft, are commonly used to mislead victims. In this case, SendGrid is used, although the real company has nothing to do with this scam. Within the email, users are shown the following information:

This email is to notify you that an invoice has been created for your account at
SendGrid, which is due on Wed, 19 Aug 2020 20:35:05 +0000
The Invoice ID is 009334, and is due for the amount of 89.95 dollars.
If you have a credit card on file with us, this invoice will automatically be billed on Wed, 19 Aug 2020 20:35:05 +0000

You may login anytime to make a manual payment at:

Invoice ID – Login

We are available 24/7. If you have any questions, comments, or concerns, please do not hesitate to contact us.

This is an automated alert for your SendGrid account with the username . Manage your alert settings.

:copyright: SendGrid Inc.
1801 California St.
Suite 500, Denver, CO 80202 USA

Since you're a SendGrind customer, we send you emails from time to time with product updates, webinar invites, onboarding help, and im portant info about your account. You can find out more about how we process personal data in our Priv acy Policy. If you no longer wish to receive these emails, you can unsubscribe.

Not only cybercriminals are misusing the name of a well-known marketing company, but they are also trying to create a sense of urgency – this is one of the most used tricks in social engineering attacks. In this case, people are tricked into believing that their accounts will be billed automatically.

Naturally, many people would not know anything about any invoice, hence trying to log into the account and see what is happening. As soon as they click on a link that apparently should lead to a login page, they will be redirected to the krebs-sucks.com website instead.

The malicious website

Unfortunately, not many users pay close attention to the web address bar, and they might not notice that it is fake. The contents of the page look very convincing, however – there is a company's logo and login field that looks legitimate. However, the SendGrid email scam should not be trusted.

How to fix your account and leaked password

Once the credentials are entered, they are delivered to cybercriminals. Even if you realized that the page is fake, your credentials are already leaked, and you should take action immediately. In order to resolve the situation, you should immediately change your login password for every account that it is used on.

If you can no longer access your account, you should contact SendGrid via their official email or a support line and explain what happened – the support staff should help you immediately.

Note that you should never use the same password for multiple accounts and preferably rely on a password manager or browser-offered strong passwords. Enabling two-factor authentication[3] can also be one of the best ways to protect your online account from theft.

If you downloaded any malicious files…

As previously mentioned, by accessing your credentials, hackers might be able to get into your other accounts. In fact, they might also connect to your Windows remotely and plant malware manually. Additionally, if you have clicked on malicious links via a phishing email, it might trigger a chain of events where malware would be downloaded and installed automatically without your knowledge.

Therefore, it is important to perform a full system scan with powerful anti-malware – we recommend using SpyHunter 5Combo Cleaner or Malwarebytes. While in most cases, the scan can be performed without problems, sometimes a virus can terminate any processes related to cybersecurity software. In such a case, accessing Safe Mode with Networking and performing a scan from there would resolve the situation:

Windows 7 / Vista / XP
  1. Click Start > Shutdown > Restart > OK.
  2. When your computer becomes active, start pressing F8 button (if that does not work, try F2, F12, Del, etc. – it all depends on your motherboard model) multiple times until you see the Advanced Boot Options window.
  3. Select Safe Mode with Networking from the list.Windows XP/7
Windows 10 / Windows 8
  1. Right-click on Start button and select Settings.
  2. Scroll down to pick Update & Security.Update & Security
  3. On the left side of the window, pick Recovery.
  4. Now scroll down to find Advanced Startup section.
  5. Click Restart now.Recovery
  6. Select Troubleshoot.Choose an option
  7. Go to Advanced options.Advanced options
  8. Select Startup Settings.Startup settings
  9. Click Restart.
  10. Press 5 or click 5) Enable Safe Mode with Networking.Press F5 to enable Safe Mode with Networking

Once inside the Safe Mode, launch the security app and perform a system-wide scan. It should be able to find all the malicious files and remove the SendGrid email virus automatically.

It is also important to note that, once the elimination process is complete, it might not be the end of troubles. Malware such as Cometer or ZeroAccess can seriously damage Windows system files, making the OS crash or prevent normal functions from working correctly (such as the Task Manager, for example).

In order to remediate your system from this damage, we recommend you perform a full system scan with a PC repair tool:

  • Download ReimageIntego installer
  • Click on ReimageRepair.exe
    Reimage download
  • If User Account Control (UAC) shows up, select Yes
  • Press Install and wait till the program finishes the installation processReimage installation
  • The analysis of your machine will begin immediatelyReimage scan
  • Once complete, check the results – they will be listed in the Summary
  • You can now click on each of the issues and fix them manually
  • If you see many problems that you find difficult to fix, we recommend you purchase the license and fix them automatically.Reimage results
Offer
do it now!
Download
Reimage Happiness
Guarantee
Download
Intego Happiness
Guarantee
Compatible with Microsoft Windows Compatible with macOS
What to do if failed?
If you failed to fix virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

How to prevent from getting trojans

Choose a proper web browser and improve your safety with a VPN tool

Online spying has got momentum in recent years and people are getting more and more interested in how to protect their privacy online. One of the basic means to add a layer of security – choose the most private and secure web browser. Although web browsers can't grant full privacy protection and security, some of them are much better at sandboxing, HTTPS upgrading, active content blocking, tracking blocking, phishing protection, and similar privacy-oriented features. However, if you want true anonymity, we suggest you employ a powerful Private Internet Access VPN – it can encrypt all the traffic that comes and goes out of your computer, preventing tracking completely.

 

Lost your files? Use data recovery software

While some files located on any computer are replaceable or useless, others can be extremely valuable. Family photos, work documents, school projects – these are types of files that we don't want to lose. Unfortunately, there are many ways how unexpected data loss can occur: power cuts, Blue Screen of Death errors, hardware failures, crypto-malware attack, or even accidental deletion.

To ensure that all the files remain intact, you should prepare regular data backups. You can choose cloud-based or physical copies you could restore from later in case of a disaster. If your backups were lost as well or you never bothered to prepare any, Data Recovery Pro can be your only hope to retrieve your invaluable files.

About the author
Linas Kiguolis
Linas Kiguolis - Expert in social media

If this free guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Linas Kiguolis
About the company Esolutions

References