cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Phishing mails from sapmail.com - be careful

Go to solution
Former Member

on ‎09-05-2013 10:53 PM

0 Kudos

Did anyone else get a mail from sap@mailsap.com (Mike Griffiths) asking to install a server certificate via a link?

The download is a GET= parameter against SMP, but the source is unknown and requests you to anstall a server certificate...

I reported it to SAP. If anyone else gets it then I suggest waiting until the real SAP confirms.

Cheers,

Julius

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

krscheffler
Advisor
Advisor
‎09-06-2013 1:51 PM
0 Kudos

Hi Julius,

Thanks for your question.

I can confirm that the email that was sent is legitimate.  We also posted a blog on SCN that contains the same/similar information: http://scn.sap.com/community/businessobjects-web-intelligence/blog/2013/09/05/important-update-for-c...

There is an article that references the digital certificate information on the SAP Support Portal that was embedded in the email.  It can be found here: http://service.sap.com/java-webi-certificate

Thanks,

Kristen

Show replies
Show replies
Former Member
‎09-06-2013 5:08 PM
0 Kudos

Ok. Thank you!

former_member233385
Participant
‎09-08-2013 3:53 PM
0 Kudos

Hi Basis Expert,

Even we have received the same message from SAP.

But when i have gone thru the link

 

http://service.sap.com/java-webi-certificate

As per the link the following SAP BI Platforms are affected by this message

BI4.0

XI 3.1

But from BI side we are on -> EHP1 for SAP Netweaver 7.0 (Higher version)

From the XI side we are on -> Netweaver 4.0 (XI 3.0 - Lower version)

So i think it is not applicable for us.

But i would request your suggestion.

Regards,

Anil

Answers (4)

Answers (4)

Former Member
‎09-06-2013 7:29 AM
0 Kudos

Hi Julius,

when you log in into the SAP Service Marketplace an go to the SAP Support Portal you can see these news:

"SAP AG Java Certificate (for Web Intelligence) is expiring

When opening or editing a Web Intelligence report using the Rich Internet Application (Java Report Panel), end users will see a security warning. The SAP BI 4.0 Platform version is affected by this message. Our development team has been working diligently to create fixes for the affected product versions."

So, it's no phishing mail.

Regards,

Claudia

Show replies
Show replies
Former Member
‎09-06-2013 7:16 AM
0 Kudos

Hi Julius,

I got that one, too. Around 8 hours ago.

Regards,

Claudia

Show replies
Show replies
Former Member
‎09-06-2013 7:01 AM
0 Kudos

I have also received that email.

All the newsletters about Technology, Business Process come from same email address.

I didn't think it was phishing as it was like other newsletters.

Every such newsletter links to sap.com/mk/get?

So sap.com/mk/get could be just a redirect server, meant to track amount of traffic newsletters are generating.

Show replies
Show replies
Former Member
‎09-06-2013 11:28 AM
0 Kudos

It seems like it is legitimate, but not very corporate identity conform and overkill to send it to the whole of SDN...

I guess Mike was just trying to do the needful..  🙂

Cheers,

Julius

Colleen
Advisor
Advisor
‎09-06-2013 2:21 AM
0 Kudos

I received an email overnight about Web Intelligence Digital Certificate Issue also from Mike Griffiths

It advises a Java runtime certificate is going to expire 8 Sept and provides a link to deploy a new patch.

Show replies
Show replies
RafkeMagic
Active Contributor
‎09-06-2013 8:27 AM
0 Kudos

I've seen something like that pass by as well...

Ask a Question