Why did Barracuda send me this email?

GanChan

macrumors 6502a
Jun 21, 2005
585
22
0
I got a weird email just now, supposedly from Barracuda (with whom I've never had any dealings) saying "Thank you for contacting Barracuda Networks regarding your issue. Your issue is important to us. We have assigned a confirmation number: BBR21568249237-71426-2512 to this case.

We apologize for any inconvenience that this may have caused you. We have removed 70.167.10.176 (Please wait 24-48 hours) from our blocklist for 30 days, at which time it will be re-evaluated.

There are a number of reasons your IP address may have been listed as "poor", including:
[etc. etc.]

I have no idea what they're talking about. My own private IP address obviously isn't the one referenced in the email. I don't see any suspicious links or anything in the email, but of course I'm not going to reply to it or click on anything.

I WAS receiving a phishing email that was supposedly from a local landscaping company, so I looked up the landscaping company's phone number, called them, and told them they ought to check into it. I also sent them a screencap of the phishing email text. Is it possible that they lodged this issue with Barracuda, and Barracuda somehow sent this reply to me instead of them by mistake?
 
Last edited:

Zenithal

macrumors G3
Sep 10, 2009
8,901
10,010
0
I get emails like that every so often, except they're legitimate. I have a similar email to other people and sometimes get their email messages instead. The latest issue was a Frenchman who had supplied the incorrect email.
 

Scepticalscribe

macrumors Westmere
Jul 29, 2008
44,633
30,310
0
The Far Horizon
I got a weird email just now, supposedly from Barracuda (with whom I've never had any dealings) saying "Thank you for contacting Barracuda Networks regarding your issue. Your issue is important to us. We have assigned a confirmation number: BBR21568249237-71426-2512 to this case.

We apologize for any inconvenience that this may have caused you. We have removed 70.167.10.176 (Please wait 24-48 hours) from our blocklist for 30 days, at which time it will be re-evaluated.

There are a number of reasons your IP address may have been listed as "poor", including:
[etc. etc.]

I have no idea what they're talking about. My own private IP address obviously isn't the one referenced in the email. I don't see any suspicious links or anything in the email, but of course I'm not going to reply to it or click on anything.

I WAS receiving a phishing email that was supposedly from a local landscaping company, so I looked up the landscaping company's phone number, called them, and told them they ought to check into it. I also sent them a screencap of the phishing email text. Is it possible that they lodged this issue with Barracuda, and Barracuda somehow sent this reply to me instead of them by mistake?
Very dodgy.

My advice is that you don't respond, because, if you do, they will know that they have reached a "live", i.e. real and active email address.

Block them, instead.
 

D.T.

macrumors G3
Sep 15, 2011
8,776
6,443
0
Vilano Beach, FL
Barracuda is a legit company that provides all sorts of security, firewall, email protection solutions. They might be sitting in front of a website, an email server, etc., and some traffic through one of those services triggered something, and your email address may have been involved - or - your email address may have been used by another party for some kind of nefarious reason (like using it as a source/relay for spam), and again, that triggered a Barracuda service.

FWIW, the IP referenced above is from a block used by Cox out of Atlanta, GA.
 
  • Like
Reactions: a2jack

Scepticalscribe

macrumors Westmere
Jul 29, 2008
44,633
30,310
0
The Far Horizon
Barracuda is a legit company that provides all sorts of security, firewall, email protection solutions. They might be sitting in front of a website, an email server, etc., and some traffic through one of those services triggered something, and your email address may have been involved - or - your email address may have been used by another party for some kind of nefarious reason (like using it as a source/relay for spam), and again, that triggered a Barracuda service.

FWIW, the IP referenced above is from a block used by Cox out of Atlanta, GA.
But, while Barracuda is a legitimate company, is the email actually legitimately from them?

My bank is legitimate, but I have received (authentic looking) communications by email purporting to come from them, which did not, upon further investigation, actually emanate from them.

And, given that the OP never actually contacted Barracuda, I would have grave reservations as to why they chose to initiate contact with him.

How did they get his email address? Why did they say he had been in touch with them, when he hadn't?

Did they address him by name, or was it addressed instead, to "Dear Sir"? (Always a very dodgy sign, in my opinion).

If a company I have never had any dealings with (irrespective of whether they supposedly have a legitimate existence elsewhere) seeks to contact me - especially about a supposed "security breach" - all of my alarm bells ring loudly, clanging nosily.

In your shoes, OP, I would argue that this is not a legitimate communication and I would block it.
 

D.T.

macrumors G3
Sep 15, 2011
8,776
6,443
0
Vilano Beach, FL
As someone with ~30 years experience in tech, security, cryptography, a system architect of record for organizations like the DOD, I wouldn't sweat it - in fact, I would keep the communication channel with them open, since they might be providing some intel about the email address [in question] being used inappropriately.

They're not even asking for any action if the above information is complete/accurate, it's purely informative.

If the OP has any concerns why not go to Barracuda Networks (not through the email, but directly), open a chat with a rep, supply the ticket number and ask for details.
 

Scepticalscribe

macrumors Westmere
Jul 29, 2008
44,633
30,310
0
The Far Horizon
As someone with ~30 years experience in tech, security, cryptography, a system architect of record for organizations like the DOD, I wouldn't sweat it - in fact, I would keep the communication channel with them open, since they might be providing some intel about the email address [in question] being used inappropriately.

They're not even asking for any action if the above information is complete/accurate, it's purely informative.

If the OP has any concerns why not go to Barracuda Networks (not through the email, but directly), open a chat with a rep, supply the ticket number and ask for details.
No, but such an mail, by its very content, invites a response or reaction.

Personally, I very much doubt that it is genuine.

If the OP wants to confirm whether it is legitimate or not, a phone call to the company citing the reference number (ticket number) and seeking clarification might be worth considering.

In any case, in my experience, - and I don't doubt yours in the field - but anytime I have received such an email, it has not been either authentic or legitimate.
 

GanChan

macrumors 6502a
Jun 21, 2005
585
22
0
I sent it to the spam folder, and I'm going to pretend it never existed. I was just stumped by the fact that there were no obvious "click here" links in the body text. I guess they would have been content merely with a reply or acknowledgement.

Still, I'm a little annoyed that I've been receiving more (and more subtle) phishing attempts lately....