I’ve received an email regarding a survey, with the title “TrueNAS Advisory Council invite”.
This survey requires a login, and to me it screams some kind of weird phishing attempt. The problem, in case that it is phishing, is that the email they’ve sent this to is only used for the TrueNAS newsletter as far as I remember, which would mean a data leak of some kind.
Is this a real email sent from iXSystems, or has there been a data leak of some kind?
I got the same email, but haven’t clicked the link.
The link goes to truenas dot pullpath dot works - if this is real it’s not well handled. I’m not convinced it’s a phish because there’s no obvious thing it could be phishing for … but it otherwise has the hallmarks of a phish.
They’re coming for your gigabytes! Have you checked your gigabytes recently? Count them. Make sure they’re all still there.
Attacking user accounts where password reuse happens. Could be an easy way to collect emails and passwords relating to each other.
I’m also not an enterprise customer, I don’t know if there’s any kind of login for those customers.
