Recently, it has come to our attention that some of our partners have received emails from email addresses which have some of our employee’s names followed by “@boxljght.com”(This is Boxlight, but spelled with a j in place of the i). The body of the emails are intended to engage the recipient so that the sender may obtain additional information. They may also tell the recipient that there are new banking details they should be made aware of to remit payment to. If you receive an email like this, please do not engage with the sender. To our knowledge, the sender has obtained the name of the employee, and the recipient’s email from a combination of social engineering and information that is publicly available.
We’d be grateful if you could alert us to the incident by forwarding the email as an attachment to firstname.lastname@example.org. Forwarding the email as an attachment will include all of the header information we’d need to further investigate the incident. Unfortunately, this activity is increasingly common for companies, and is known as registering a doppelganger domain.
Please examine your emails from the Boxlight team carefully to ensure they are valid by confirming that they are from the Boxlight.com domain. Thank you for your cooperation and understanding. We apologize for any confusion or inconvenience.