https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/616474#M4975 <P>I just received what looks like an official PA email which suggests I visit (which appears to be legit)<BR /><A href="https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7TUinpGHGDwh5yfIb3rN1l-2FZGDTo2JhEXRoKV4g4O-2BTRw-3D-3D01xL_RSmWOI3fPdFDxAydigDPQ0B3wqTdN-2FdVrw1pPIwZgLo1Tm1IpTFMKLK1VkHu0R1CiekjLS8dpHKEPJuSlObk2y3YZkOpF0NLsRwSSHE0Us-2Bf7tEkEzdE5o9uisMWdwgmcimgGojH7qpDLoiLDjMVf7QAqx-2FPCqraxH1xcJ3n0gizqhyCnWih5Nfzr0UQc8kSi0uc7L9Vm-2BlIm13h0sU11Q-3D-3D" target="_blank">https://security.paloaltonetworks.com/PAN-SA-2024-0015</A></P> <P>For important security information about how to configure my management interface.</P> <P>Yet when I look at the link I'm being asked to click, I see something which doesn't look at all related to Palo Alto (don't click this, might be bad):</P> <P><A href="https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7TUinpGHGDwh5yfIb3rN1l-2FZGDTo2JhEXRoKV4g4O-2BTRw-3D-3D01xL_RSmWOI3fPdFDxAydigDPQ0B3wqTdN-2FdVrw1pPIwZgLo1Tm1IpTFMKLK1VkHu0R1CiekjLS8dpHKEPJuSlObk2y3YZkOpF0NLsRwSSHE0Us-2Bf7tEkEzdE5o9uisMWdwgmcimgGojH7qpDLoiLDjMVf7QAqx-2FPCqraxH1xcJ3n0gizqhyCnWih5Nfzr0UQc8kSi0uc7L9Vm-2BlIm13h0sU11Q-3D-3A" target="_blank">https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7TUinpGHGDwh5yfIb3rN1l-2FZGDTo2JhEXRoKV4g4O-2BTRw-3D-3D01xL_RSmWOI3fPdFDxAydigDPQ0B3wqTdN-2FdVrw1pPIwZgLo1Tm1IpTFMKLK1VkHu0R1CiekjLS8dpHKEPJuSlObk2y3YZkOpF0NLsRwSSHE0Us-2Bf7tEkEzdE5o9uisMWdwgmcimgGojH7qpDLoiLDjMVf7QAqx-2FPCqraxH1xcJ3n0gizqhyCnWih5Nfzr0UQc8kSi0uc7L9Vm-2BlIm13h0sU11Q-3D-3A</A>&nbsp; <BR />I changed the last letter from a 'D' to an 'A' in case someone does try to click despite my warning.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="CraigAr_0-1731165412234.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/63881i4D1B50546A5800AF/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="CraigAr_0-1731165412234.png" alt="CraigAr_0-1731165412234.png" /></span></P> <P>Is this real?&nbsp; Or is it Phishing?<BR />If it is real, why the red-herring style obfuscated link? [Phishing? Or tracking I don't want?]</P> <P>Why would a highly targeted security company send me something like this which I won't use because it looks like a security threat?</P> <P>If you want me to read and apply, don't load it up with a garbage payload.</P> <P>&nbsp;</P> Sat, 09 Nov 2024 15:32:02 GMT CraigAr 2024-11-09T15:32:02Z https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/616474#M4975 <P>I just received what looks like an official PA email which suggests I visit (which appears to be legit)<BR /><A href="https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7TUinpGHGDwh5yfIb3rN1l-2FZGDTo2JhEXRoKV4g4O-2BTRw-3D-3D01xL_RSmWOI3fPdFDxAydigDPQ0B3wqTdN-2FdVrw1pPIwZgLo1Tm1IpTFMKLK1VkHu0R1CiekjLS8dpHKEPJuSlObk2y3YZkOpF0NLsRwSSHE0Us-2Bf7tEkEzdE5o9uisMWdwgmcimgGojH7qpDLoiLDjMVf7QAqx-2FPCqraxH1xcJ3n0gizqhyCnWih5Nfzr0UQc8kSi0uc7L9Vm-2BlIm13h0sU11Q-3D-3D" target="_blank">https://security.paloaltonetworks.com/PAN-SA-2024-0015</A></P> <P>For important security information about how to configure my management interface.</P> <P>Yet when I look at the link I'm being asked to click, I see something which doesn't look at all related to Palo Alto (don't click this, might be bad):</P> <P><A href="https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7TUinpGHGDwh5yfIb3rN1l-2FZGDTo2JhEXRoKV4g4O-2BTRw-3D-3D01xL_RSmWOI3fPdFDxAydigDPQ0B3wqTdN-2FdVrw1pPIwZgLo1Tm1IpTFMKLK1VkHu0R1CiekjLS8dpHKEPJuSlObk2y3YZkOpF0NLsRwSSHE0Us-2Bf7tEkEzdE5o9uisMWdwgmcimgGojH7qpDLoiLDjMVf7QAqx-2FPCqraxH1xcJ3n0gizqhyCnWih5Nfzr0UQc8kSi0uc7L9Vm-2BlIm13h0sU11Q-3D-3A" target="_blank">https://u574567.ct.sendgrid.net/ls/click?upn=u001.Mf7MWdPSfie6Atm1eagsgHU9XR5iD9zXZRfCa5aUs7TUinpGHGDwh5yfIb3rN1l-2FZGDTo2JhEXRoKV4g4O-2BTRw-3D-3D01xL_RSmWOI3fPdFDxAydigDPQ0B3wqTdN-2FdVrw1pPIwZgLo1Tm1IpTFMKLK1VkHu0R1CiekjLS8dpHKEPJuSlObk2y3YZkOpF0NLsRwSSHE0Us-2Bf7tEkEzdE5o9uisMWdwgmcimgGojH7qpDLoiLDjMVf7QAqx-2FPCqraxH1xcJ3n0gizqhyCnWih5Nfzr0UQc8kSi0uc7L9Vm-2BlIm13h0sU11Q-3D-3A</A>&nbsp; <BR />I changed the last letter from a 'D' to an 'A' in case someone does try to click despite my warning.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="CraigAr_0-1731165412234.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/63881i4D1B50546A5800AF/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="CraigAr_0-1731165412234.png" alt="CraigAr_0-1731165412234.png" /></span></P> <P>Is this real?&nbsp; Or is it Phishing?<BR />If it is real, why the red-herring style obfuscated link? [Phishing? Or tracking I don't want?]</P> <P>Why would a highly targeted security company send me something like this which I won't use because it looks like a security threat?</P> <P>If you want me to read and apply, don't load it up with a garbage payload.</P> <P>&nbsp;</P> Sat, 09 Nov 2024 15:32:02 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/616474#M4975 CraigAr 2024-11-09T15:32:02Z https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/616498#M4980 <P>Hello,</P> <P>&nbsp;</P> <P>It is a legit email.</P> <P>You can also find the SA on the page security.paloaltonetworks.com&nbsp;</P> <P>&nbsp;</P> <P>Olivier</P> Mon, 11 Nov 2024 03:48:46 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/616498#M4980 ozheng 2024-11-11T03:48:46Z https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/999768#M5303 <P>You can view/inspect the link using the following site to see if it has been flagged as malicious, etc.</P> <P>&nbsp;</P> <P><A href="https://virustotal.com" target="_blank" rel="noopener">https://virustotal.com</A></P> Fri, 27 Dec 2024 18:18:32 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/phishing-email-important-palo-alto-networks-informational/m-p/999768#M5303 WilliamObrien12 2024-12-27T18:18:32Z