Peace be with you, Proton Community, 🌹

I was trying to find out which search engine Lumo uses in the background. To do this, I used the official contact form here: https://proton.me/support/contact?topic=lumo.

Unfortunately, I later realized that the official site lists “protonmail.zendesk”, not “protonme.zendesk”. The domain “protonme.zendesk” looks suspicious, and many sites online report it as a phishing attempt.

I have already taken security precautions on my end, but I want to be absolutely sure before I report this domain as malicious. Has anyone else seen this? Please let me know if you think this is phishing. And i hope you can answer my question about the search engine 😁

Thanks for the help.

  • AmbitiousProcess (they/them)@piefed.socialEnglish
    18·
    2 days ago

    It’s legitimate.

    Proton hasn’t updated their official phishing advice page with the new domain, buuuuuuuuuuuuuuut you can see them suggesting someone contact them on the protonme.zendesk.com domain on their official App Store page (under the “the app changes fonts on internal website” review), and on their official Google Play Store page (has to be set to the turkish language in that URL otherwise the review they’re responding to doesn’t show up)

    Unless BOTH accounts that manage their app distribution on both the Google Play AND Apple App Store were quietly compromised (and never found out), and used to post just a handful of replies to reviews with a phishing domain, I think it’s safe to say it’s legit and they just forgot to add it to their list of non-phishing domains yet.

    • prettybunnys@piefed.socialEnglish
      71·
      2 days ago

      Proton hasn’t updated their official phishing advice page with the new domain, buuuuuuuuuuuuuuut you can see them suggesting someone contact them on the protonme.zendesk.com domain on their official App Store page (under the “the app changes fonts on internal website” review), and on their official Google Play Store page (has to be set to the turkish language in that URL otherwise the review they’re responding to doesn’t show up)

      This doesn’t exactly raise green flags.

      • AmbitiousProcess (they/them)@piefed.socialEnglish
        1·
        2 days ago

        As I said, unless their official app distribution accounts were both compromised without anyone ever finding out and raising the alarm, and used to spread just a couple fairly hard to normally find instances of that URL, I think it’s a lot more likely they just… forgot to add it.

        The alternative is much less likely: that someone specifically targeted this user with a message that knew exactly what they put in Proton’s official contact form on their official domain, but chose not to ask for any information and just provided an answer to the question and then left.

        • prettybunnys@piefed.socialEnglish
          1·
          2 days ago

          forgot to add it.

          Yeah. This type of stuff isn’t a great look. Carelessness from a company that’s supposed to protect privacy.

          That’s what I’m saying.