Support Center / How to avoid phishing scams

How to avoid phishing scams

A phishing scam is a cyberattack where a criminal sends you an email that either links to a fake website or contains an attachment that is, in reality, malware (for example, keylogger software). 

Fake websites are typically designed to trick you into divulging sensitive personal information, such as your bank login details. Phishing emails usually claim to be from a trusted source and make it sound like an emergency to make it more likely that you’ll click the fraudulent links or attachments provided..

Classic examples are your bank or email service, but craftier criminals often pose as services that are less likely to trigger your alarm bells because people tend to re-use the same passwords across multiple websites and online services.

Learn more about phishing attacks

How to verify emails are from Proton

As a valued member of the Proton community, you will occasionally receive emails from Proton, Proton VPN, Proton Mail, Proton Drive, or Proton Calendar. Reasons we send these emails include:

  • Product notifications (such as for upcoming Calendar events or a completed Easy Switch import)
  • Newsletters to keep you updated about company news and new releases
  • Email address verification
  • Account recovery
  • Offers and promotions

To manage the emails we send you, sign in to account.protonvpn.com and go to AccountEmail subscriptions

Whenever you receive an email that claims to be from us, we strongly encourage you to verify that it’s genuine. The following list shows all the domains used by Proton to communicate with our community via email. To verify that an email is genuine, simply confirm that it was sent from one of these domains:

  • no-reply@news.proton.me
  • no-reply@news.protonvpn.com
  • no-reply@news.proton.me
  • no-reply@news.protonvpn.com
  • no-reply@mail.proton.me
  • no-reply@calendar.proton.me
  • no-reply@drive.proton.me
  • no-reply@vpn.proton.me
  • no-reply@offers.proton.me
  • no-reply@offer.protonvpn.com
  • no-reply@notify.proton.me
  • no-reply@notify.protonvpn.com
  • no-reply@verify.proton.me
  • no-reply@recovery.proton.me
  • no-reply@partners.proton.me
  • no-reply@referrals.proton.me
  • contact@protonvpn.com
  • support@protonmail.zendesk.com
  • contact@proton.me

If you receive an email that claims to be from Proton but does not come from one of the above domains, please report it to abuse@protonvpn.com.

Tips for avoiding phishing scams

By following these tips, you will greatly reduce your chances of becoming a victim of a phishing scam. 

If you’re unsure about whether an email is genuine, visit the service’s website directly to access the information you need. You should also contact the support team of the organization in question from the genuine website if you have any additional questions.

1. Check the domain the email was sent from 

If you know the email’s domain matches that of its website, then it is probably genuine. Be careful not to confuse similar-looking domains with the real thing (for example, proton.rne instead of the correct domain, proton.me). 

2. Be careful about clicking on links

Only click on links if you are 100% sure the email is genuine (for example, if you have checked that an email from Proton came from a domain listed above).

3. Use Proton Mail

Proton Mail offers several security features designed to prevent phishing attacks. These include:

Emails from Proton domains are starred

All emails sent from legitimate Proton domains to Proton Mail accounts are starred, making it easy to know if an email is genuinely from us. 

In Proton Mail, genuine emails from us are starred

Link confirmation

This simple but effective phishing defense is enabled by default in all Proton Mail apps. It asks you to confirm that you wish to open an external link from an email and shows you the entire link URL.

Learn more about link confirmation

Address verification

This advanced feature allows you to manually trust PGP keys for specific contacts, giving you full control over which keys you trust. 

Learn more about address verification

Lock icons

You can easily identify the encryption status of emails you receive using lock icons shown on each email. 

Learn more about how to check encryption status using lock icons

DMARC Protection

Proton Mail supports Domain-based Message Authentication Reporting and Conformance (DMARC). If the domain of an email fails authentication checks (using the SPF and DKIM mechanisms), then Proton Mail will show a warning message. 

If you use Proton VPN, you already have a Proton Mail account. 

Learn more about Proton Mail plans

Secure
your internet

Get Proton VPN
Get Proton VPN

For customer support inquiries, please submit the following form for the fastest response:
Support Form

For all other inquiries:
contact@protonvpn.com


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: OpenPGP.js v4.10.10
Comment: https://openpgpjs.org

xsBNBFiYeeIBCACpwuYcTsACyjQaqY3tOUonokamGZf3VDuLvcA9nQnu4vlB
n1RFFUJa5Pmf2yZ9EjJFSldTl5lreE3tFf53CcZ9wKa1R6aMnN/0VqURJho0
ZTqevQlCvuJ9kKHkDck3Em0/1WWnhDJgabp+fOa5HAHoAvcNy5gVPuexTT/N
wp6QcfB7w+qFhf73s0bcSn5RC+FAYlQxZVFhFtA7/7LthBVatDJrYLYP9XJd
zOZqz9AX0XZwKal25RcVeGHkNKgloo0bTgro4D88MR7saqXFHTRhy3+Wss7c
uqrh0uIkVmqtadoK/rAbqOyFXQ2DlvSMVrEMLUvwlZbC0taqcKDfNA+FABEB
AAHNLWNvbnRhY3RAcHJvdG9udnBuLmNvbSA8Y29udGFjdEBwcm90b252cG4u
Y29tPsLAfwQQAQgAKQUCWJh54wYLCQcIAwIJEN4dfnhhw11TBBUIAgoDFgIB
AhkBAhsDAh4BAAoJEN4dfnhhw11T6PwIAKgIHTUaEcCFQ5WfmwGpdhRgFe7H
gnHR8UOFPrRKnbCOQgTVPGwCFt8UVFhEgbmtroThU89DpxFSYUOD6nZ2k1X3
X4Q9OsItFUUuhPtLJrkz5ghtZLmsAH/edTRbVU1Ew1E8KbylLFI1J5yId7zR
GdnaTXv/E7P3po5X/b08TFAhXSyYYUbMeQuthbJajtpFygr53lm47cOWa4N8
udqLhmpheaQj04DuqYXOGC08JQn+XbHzhFl5Yvlt9Idk8+7c2UJ0qgWKQ5ZV
mquRAw5HDCQM5OqF1MoImDxOH+tK3PUlvFDsLZ1WPEOHK/EN12sPBx0x1R04
fcPTPdbMwgISGM3OwE0EWJh54gEIALqhrLUpvarPc0nkuHpyJC/MsrIDPLuV
qMc49tgjgDBsyIKJFEP9qCnkSOEixaFi+nTljUSpkHGR+PvEGecmcOdW6djN
QGxon/nwBT9d8HbtxJesaEIzwRAxmqQW9MqNq4UsfNQ0VvUYqV9wEbYfdDT/
jZfz9N0hjFELF1sg3UPcCRijhf162bp+rLQdO9vWVUbOdMQvsM/kyUJ6JMXR
xUtyKC05ddxii2SMr4XUW45ostPbxJybOF5oSZpEb1EIlrTLLPAe/498XlBW
hpRAPe+9ZfNs7drMvUEFnnOXahrXAuaaZpyaS/XBaloqSb1+v2AkUep3dbSF
PaRtbXRMS+kAEQEAAcLAaAQYAQgAEwUCWJh54wkQ3h1+eGHDXVMCGwwACgkQ
3h1+eGHDXVMZ4Qf4hu5N8/uYNDqJMFRIWSCpPGxmyIVXGARG4hgR8gwPZY9K
fReAUndX3uODBNIgZU7I3YntawU1DlP6GpP6yyR/8lfUMNCAXPDmd+zTFYIJ
UDHD8sw2GRrFVzFOKUpAapWFOI4XjSMP2UiK4HgrpUjAhe1wSaa7nEjtAuYT
zFx1QSuQD1iYcOF/FAm7EuhBIfWITjYAobGM6gonPbp3IPHM52rUbulllcdV
vCLs+blcyiVCGZlNcmlg3eibAJJL19TQLqT2DbQvQ/SyVBJGjoT+y4TTRtmZ
cebEjt2KJcc4x2lzPq3z2KJNyJTOTMB+aYD9Ma9IObDds+M/+5XDWi7f
=ueTT
-----END PGP PUBLIC KEY BLOCK-----

You can also Tweet to us:
@ProtonVPN