We are aware of reports that phishing attempts are impersonating Magento Commerce and are being used for targeted attacks. This misleading phishing email encourages users to click on a link that indicates all users are required to register for an alert platform.
The current email phishing scam has a message “Registration to Magento Alert Platform is Required” with a malicious link to attempt phishing for account credentials.
Phishing scams use enough false information, using branding and legitimate content, to fool you into giving away important information. By responding to these messages, you may provide personal or company information, accidentally log into systems that steal credentials, install malware (harmful applications), etc.
To determine if a message is a phishing attack:
Check the email header and sender to verify it is coming from Magento.
The email may not address you by your proper name or may have typing errors and grammatical errors.
Avoid installing zips or files attached to these emails.
Look at the URL for any links before clicking them. The links tend to have extra words, going to fake sites to attempt identity or credential theft.