To Our Forum Community,
Early last week, we found out that our general contact email of firstname.lastname@example.org was spoofed, and illegally misused by a third party as the “reply-to” address for a variety of spam and scam messages they were sending to a wide variety of users all over the world.
What is spoofing? As defined by the National Institute of Standards and Technology, spoofing is, “Faking the sending address of a transmission to gain illegal entry into a secure system.”
This means that a third party took our general contact email address of email@example.com and inserted it into the “reply-to” field of their messages, so if a user received a message and hit “reply,” the address that popped up was ours.
What did the spoofing messages look like?
These spam messages were for a wide variety of products and were very clearly not from the Collective Impact Forum or representing Forum work, but the “reply-to” address they inserted was ours.
If you received a message from us in the last month that has our heading above and is representing our work, that email was safe to open and came from us.
The Forum Site Is Safe to Use
This third party does not have access to our email system or our website. Our site is safe to use, and our internal systems are safe. But a spammer doesn’t need to infiltrate a system to spoof—they can just manually copy an email address and insert it into the system they use to send messages.
This activity is illegal, and everyone who has been impacted by spoofing is a victim of cyber crime. The Forum now unfortunately shares this terrible experience.
Spammers use a variety of ways to build their email lists and as already noted, we are confident that there were no data breaches of our systems. If you received a third-party spam message where firstname.lastname@example.org was used as the reply-to address, we are sorry that you were also targeted in this spoofing attack and encourage you not to click on any links. Because the spammer is using a list over which we have no control, we unfortunately cannot change or remove your email address from that list.
We also want to express our gratitude to the Forum team and FSG’s IT team who have been working on this issue, and who have received many negative and violent responses to these third-party emails. Again, the Forum was not involved, and has no control over what messages were sent out. Both our teams and every recipient of these emails are victims of cyber crime.
What we are doing in the interim:
The unfortunate truth is that there isn’t much recourse for spoofing as it’s completely external to our systems. You can’t control it or stop it. The main recommendation is to wait it out.
Along with waiting, we are also filing an FBI Internet Crime Report. If you are ever in similar circumstances where your email is involved in spoofing, and are based in the U.S., we encourage you to do the same.
We also will be using a temporary email alias of CIforum@fsg.org.
We are using this as our general contact email for right now in our community newsletters.
Our team is also temporarily using fsg.org aliases for our everyday communications. If you email us at our collectiveimpactforum.org emails, your messages will still be received, but for the time being, we are using fsg.org as our email domain to ensure you can receive our communications.
If you have questions or concerns about this spoofing incident, please reach out to us at CIforum@fsg.org, and we will assist where we can.
To reiterate, the Collective Impact Forum site is safe to visit, and you can continue to download resources, stream podcasts, and watch webinars.
Thank you for your continued partnership and belief in the Collective Impact Forum. Although this is a hard incident to work through, we are deeply grateful to you, our community, for your support.
The Collective Impact Forum team