Protecting your account from phishing

Phishing is an attempt to gain account information or other personal information from someone through email, usually by impersonating a legitimate organization. Phishing emails will often contain links to fake web pages that look similar to a real service in order to trick you into entering your account information.

We've become aware of some phishing emails impersonating Trello. These emails may look innocent at first glance, but there are some ways that you can differentiate these scam emails from legitimate emails sent by Trello.

How to spot phishing

Ways to identify phishing and spoofing emails include:

  • Links that appear to be Trello links but aren’t. If you hover over a link in a suspicious email, your browser or email client will most likely show you the destination URL. Don't click the link; just look closely at the URL. A URL formatted as trello.fakewebsite.com takes you to a location on fakewebsite.com. Just because “trello” is part of the URL doesn't guarantee that it's an official Trello site.

  • Emails that don't come from an @trello.com email address. All legitimate emails from Trello will come from an @trello.com email address. If the from address is the email address of someone you know, that person's email account may have been compromised — Trello does not send emails from our users' email addresses.

  • Requests for personal information. Trello emails will never ask you to reply in an email with your password, credit card number, or any other personal information.

  • Obvious typos and other errors. Be on the lookout for typos or grammatical errors, awkward writing and poor design that doesn't match other emails from Trello. These are all common indicators of fraudulent emails and websites, although not every phishing email will have these obvious mistakes.

  • Emails sent through website contact forms: Trello will never try to contact you via your website's contact form.
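The link check from the first item above can be automated. The sketch below is an added example, not Trello's own code: it extracts the host a link actually points at and accepts it only if it is trello.com or a subdomain of it. The trusted list and the sample URLs are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: only trello.com (named on this page) is trusted.
TRUSTED_DOMAINS = ("trello.com",)


def link_host(url):
    """Return the lowercased host a link really points at, or None."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return None
    if parts.scheme not in ("http", "https"):
        return None
    host = parts.hostname  # drops any "user@" prefix and ":port" suffix
    if not host:
        return None
    return host.rstrip(".").lower()


def is_trusted_link(url, trusted=TRUSTED_DOMAINS):
    """True only if the host is a trusted domain or a subdomain of one."""
    host = link_host(url)
    if host is None:
        return False
    # Match on the END of the host name: the rightmost labels decide who
    # owns the site, so "trello." at the front proves nothing.
    return any(host == d or host.endswith("." + d) for d in trusted)


# Constructed sample links, as they might appear when hovering in an email.
SAMPLES = [
    "https://trello.com/b/abc123",               # real domain
    "https://api.trello.com/1/members/me",       # subdomain of trello.com
    "https://trello.fakewebsite.com/login",      # "trello" is only a label
    "https://trello.com.fakewebsite.com/login",  # full name used as a prefix
    "https://trello.com@fakewebsite.com/login",  # "trello.com" is a username
    "https://faketrello.com/login",              # different domain entirely
    "https://fakewebsite.com/trello.com/login",  # "trello.com" is in the path
]

if __name__ == "__main__":
    for url in SAMPLES:
        verdict = "trusted" if is_trusted_link(url) else "NOT Trello"
        print(f"{verdict:10}  {link_host(url)}  <-  {url}")
```

Only the first two sample links pass; every other one resolves to a host that does not end in trello.com, even though the text "trello.com" appears somewhere in the link.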

What to do if you receive a phishing email

Do not reply to the email or click on any links within the email.

Many email programs include an option to report an email as phishing or spam. Please use this method to report the suspicious email to your email provider. If you're not sure if an email is from Trello or not, send us a screenshot, and we'll be happy to look into it for you.

Sometimes phishing attempts can look very convincing. If you've already provided your Trello account information to a phishing scam, change your password as soon as possible by going to https://id.atlassian.com/login/resetpassword. If you use the same password for any other services, you should change those as well.

If you have your credit card information stored in your Trello account and suspect that it may have been compromised, contact your issuing financial institution to check your account immediately.

For more information, see: What to do if your account is compromised

Known phishing attempts

July 18, 2016

We've become aware of a phishing attempt sending out emails claiming to share a document through Trello:

[Screenshot: example of the phishing email]

This is not a legitimate email. Trello does not have a feature called "Slides", and the link within this email does not go to an actual Trello page. These emails are being sent from compromised email accounts to that individual's email contacts, whether or not that individual has ever signed up for a Trello account.

August 13, 2021

We've become aware of a phishing attempt where users send emails to companies through their contact forms. These emails are not formatted and have text similar to the snippet below:

Hello,

Your website or a website that your company hosts is infringing on a copyright protected images owned by our company (trello Inc.).

Check out this official document with the hyperlinks to our images you used at www.acme.com and our earlier publications to get the proof of our copyrights.

Download it now and check this out for yourself:

https://storage.googleapis.com

I think that you willfully violated our rights under 17 USC Section 101 et seq. and could be liable for statutory damage as high as $120,000 as set-forth in Section 504 (c)(2) of the Digital millennium copyright act ("DMCA") therein.

This letter is official notice. I demand the elimination of the infringing materials referenced above. Please be aware as a company, the Digital Millennium Copyright Act requires you to remove or deactivate access to the copyrighted materials upon receipt of this notice. In case you don't stop the use of the previously mentioned copyrighted materials a legal action will be started against you.

I have a strong self-belief that utilization of the copyrighted materials described above as presumably infringing is not permitted by the copyright proprietor, its agent, or the legislation.

I declare, under consequence of perjury, that the information in this notification is accurate and hereby affirm that I am permitted to act on behalf of the proprietor of an exclusive and legal right that is allegedly violated.

Very truly yours,
Anthony Kanwar
Legal Officer
trello, Inc.

trello.com

As these users are sending emails through website contact forms, it can make it look like they have been sent from legitimate trello.com email addresses. However, these emails are scams and should be deleted and ignored, and any links in these emails should not be opened. 
