Skip to main content

Update – Status as of 29 April 2025 on the subject of phishing emails – block list

This article provides more information about system incidents and status updates.

Nadine Mösch avatar
Written by Nadine Mösch
Updated over a week ago

What are phishing emails?

Phishing emails are fraudulent emails designed to obtain sensitive information such as passwords, credit card details or personal data from recipients. The senders often pretend to be trustworthy institutions or well-known companies in order to deceive recipients and trick them into clicking on malicious links or revealing data.

There are currently many phishing emails in circulation that are characterised by increasingly sophisticated tactics. It is therefore important to be cautious and not to open emails that appear unusual or suspicious or follow any links.

Problem description / block list

Due to the misuse of emails sent via our IP addresses between 26 and 27 April 2025, Microsoft classified Dualoo's email traffic as suspicious and added it to a block list. As a result, no emails could be delivered to Outlook and Hotmail addresses between 3:45 p.m. on 27 April 2025 and 3:00 p.m. on 28 April 2025. This was possible because demo accounts were entered and a large number of spam emails were sent via our referral function.

No customer data or email addresses of customers or applicants were affected. Only the delivery of emails was affected, and no personal data or email addresses were compromised.

Example of a notification email about non-delivery:

Measures

To prevent future misuse, an update was installed on 28. April 2024 that limits the sending of recommendation emails to a maximum of 15 emails within 24 hours. At the same time, we worked with Microsoft to lift the block – the block has been lifted since 28. April 2025 at 3 p.m. and our IP addresses have been reclassified as trustworthy by Microsoft.

Recommended procedure

For every email that could not be successfully delivered to applicants or internal colleagues, you will receive a notification with the corresponding reason. For urgent communications, we recommended using an alternative channel for the short period of the block (e.g. by telephone or manually via your company email account). Now that the block has been successfully lifted, emails can once again be sent directly via Dualoo.

Important: Emails (which could not be sent and for which you received an error message) will not be delivered automatically at a later date.

Did this answer your question?