Phishing attempt

Mailgun Renewal Team

If you received an email from Mailgun Renewal Team, don't click through or log in! This is a common phish targeted at Mailgun users. Scroll down to learn what you should do with these emails.

Why did I get an email from Mailgun Renewal Team?

This is a common phishing attempt targeted towards Mailgun users. A phishing attempt is when a bad actor spoofs their identity to appear like a company they are not, in an attempt to solicit information from you. In this case, bad actors appear to be Mailgun trying to contact you in regards to an overdue payment. Their goal is to solicit your Mailgun login credentials so they can use your account to send spam.

These emails are commonly sent by "Mailgun Renewal Team," which is not a valid email or address we use. Attackers may have obtained your email by scraping public DNS records to determine what ESP you use.

The email may indicate that your account has been suspended in an attempt to scare you into providing your login credentials and could look like the example on the right.

A screenshot of an email showing a phishing attempt from someone pretending to be the Mailgun Renewal Team.

How to spot a phishing attempt

Be on the lookout for emails that match some of the following criteria:

  • Emails that are not addressed to you by name, have poor English, or omit personal details that a legitimate sender would include.

  • Are from businesses that you're not expecting email from, or that you don't subscribe to.

  • Ask you to download any files or messages.

  • Take you to a landing page or website that does not have a legitimate URL. Mailgun will always send you directly to Mailgun.com

  • When in doubt, don't click the link! Visit Mailgun directly by typing www.mailgun.com into your browser's address bar.

What should you do?

  • Do not click on it

    If you receive a suspicious email, do not click any links!

  • Obtain the email headers

    Obtain the email headers. In Gmail, if you click the three dots on the upper right side of the email, then click "Show Original," you can copy the email headers there.

  • Forward email headers to abuse@mailgun.com

    Forward the email you received, with the email headers you just copied added, to abuse@mailgun.com. We will take appropriate action from there.

  • Delete the email

    Delete the email you received. If you continue to receive additional suspicious emails, continue to forward them to us with headers.

See what you can accomplish with the world's best email delivery platform

It's easy to get started. And it's free.
CTA icon