Please be aware that the content in SAP SQL Anywhere Forum will be migrated to the SAP Community in June and this forum will be retired.

Today I got a spoof email

Your timely payment history has been very much appreciated; however, some invoices on your account are now past due. Please review the attachment. Sincerely, Collections Department SAP

The attachment is actually a link to tnlogistics dot vn that I assume to be a compromised server

I searched all over the SAP site but can't find an email address to report this to - most organisations have an address like spoof@ to forward with headers.. Does anyone know where this should go to?


asked 17 May '17, 09:51

gchq's gravatar image

accept rate: 36%

You could go to and use the Chat or Contact Us links to talk to someone or send a message to SAP. I doubt there is anything that can be done since the email likely did not come from SAP?

(17 May '17, 10:18) Mark Culp

I know it didn't come from SAP, but most businesses like to take a proactive approach to closing down these scumbags that install malware by using their name to make the links appear credible...

(17 May '17, 10:34) gchq

In case anyone else has the same issue the email address is

sap underscore spam underscore

permanent link

answered 17 May '17, 14:02

gchq's gravatar image

accept rate: 36%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 17 May '17, 09:51

question was seen: 2,472 times

last updated: 17 May '17, 14:02