I received an email tonight in our accounts payable email address stating that we had an upcoming payment due. The url in the link was:
https://app.getpostman%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20.com/pay/billing
Thing is, we don’t have a pro account, but our accounts payable email alias may be listed in your systems.
So I just wanted to give you guys a head’s up in case your systems may have been compromised.
@cdukes Odd - can you contact us at [email protected] (with the contents of the email)? We’ll take a look.
Sorry for the delay. Yes. I got another one today and will forward the headers.
@cdukes There was a stray newline in the email template which led to the malformed link. This has since been fixed. NO Postman systems were compromised at any point.