Safety email from Oneida-Air about V-3000 (and others) is legit...

[Festdewalkita]

Cybersecurity 101 is never click on a link provided in an email.

Got an email today purporting to be from Oneida-Air, but did actually have oneida-air.com as the sending domain (you can always click on a sender's name to find out from whence it came).

I went to the website just to be safe (figuring it would be on their site somewhere), intending to follow the link from their website.

It wasn't there.

I called them (866-387-8822--Support), and they confirmed it was legit, and that they sent it out.  It leads to mandrillapp.com, which then re-directs to oneidaair.wufoo.com.  Support gal said it is a short process to see if the fan wheel bolts are loose, with a way forward if they are.

She said it only affected a couple hundred folks who bought these systems between Mar 2021 and Nov 2023, but...who knows (everyone saw that Bentley go airborne up at Niagra Falls, and Bentley only recalled their *European* models of that car for known acceleration issues).

View attachment 1View attachment 2View attachment 3View attachment 4

Hope this helps someone.  (Mods, feel free to fix the pictures so they show in the post, and right side up to boot...not too sure why the forum software is so goony.)

 

[mino]

... It leads to mandrillapp.com, which then re-directs to oneidaair.wufoo.com. Support gal said it is a short process to see if the fan wheel bolts are loose, with a way forward if they are.

Oh how intimately I know this "legitimate email created like a scammer pro was involved".

At my former employeer, a huge IT company, once an apparently "young and cool" global HR team fella came with the wonderful idea to use some "cloud service" to send a regular employee satisfaction questionaire. It was de-facto as secure as it gets, the service the used was actually ours we offered to clients .. but the implementation folks used pretty much random made-up domains to host the pieces so they did not have to go through the proper approvals to be allowed to host it on our main intranet domain ...

Needless to say, that email (going to over 500k emplyees!) hit every scam property there is ...

Not sure if the fella responsible was fired, but the furore this triggered resulted in the global HR going "dark" in their usual spammy messaging for half a year or so. At least something positive came out of that. Heh. A proper internaly hosted tool was used once they sorted it.

In these cases it is best to tell one's contact at the company that their email notification "looks like a proper scam". Non-IT folks often do not realise the issue ... after all, they paid for all those domains and mailman services. Right?

[smile]