New Possible Scam Emails

Hey everyone, Natron Discord admin here with an important PSA.
If anyone has received any e-mails from contact[@]natron[.]studio, partnership[@]natron[.]studio, or a different address regarding ‘brand sponsorship/money in exchange for publicity of Natron’, here’s what to do:

1. Do NOT reply to the e-mail.
2. Report the e-mail as spam/scam/phishing
3. Do NOT send money or financial details (bank account details, OTPs, etc).

Additional Measures (Optional)

1. Run a WHOIS on the domain and find out Registrar Information and their Abuse Email address.
2. Check if the Registrar has any abuse reporting guidelines.
3. Write an email to the Registrar’s abuse email address to report the domain for ‘Email Abuse/Spam’.
   3.1. Follow the Registrar’s Abuse Reporting guidelines.

The domain natron[.]studio is registered on Namecheap (https://www.whois.com/whois/natron.studio. Their Abuse Email address is: abuse@namecheap.com. They have guidelines for reporting abuse: https://www.namecheap.com/support/knowledgebase/article.aspx/9196/5/how-and-where-can-i-file-abuse-complaints/. If you have received spam emails from someone[@]natron[.]studio, please report it to Namecheap, making sure to follow all their guidelines.
The more people will report these emails to their email providers and the Registrar, the faster the domain will be taken down.

There is no official campaign for raising funds for Natron. There is also no sponsorship/partnership campaign offering payment in exchange for endorsement. If there is any official campaign, it will be publicly posted on the Natron website (https://natrongithub.github.io/), GitHub (https://github.com/NatronGitHub/Natron), and here on the Forum. There won’t be any unsolicited e-mails regarding the same. Stay vigilant, and stay safe.

Thanks for your attention.

Apparently that someone has been using my name (TheFckinUnicorn) to send emails.

To be completely clear, I am not, and won’t be sending any emails concerning/on behalf of Natron. My role in Natron is limited as a volunteer administrator in the Natron Discord server. I am not affiliated with development or any other efforts. If you receive any emails concerning Natron, you should disregard and report them immediately.

An example of one of the emails as received by one of the community members:

This. The more users report these emails to the email provider or corporate IT, and place them in the spam folder, the more likely they will be blacklisted.

This is true, but for one email address only. The attacker owns a domain and is presumably running a mail server. This means they can create as many different email addresses under that domain as they want. As far as I’m aware, most major email providers give you no surefire way to completely block all mail from a domain. You can only filter individual email addresses as spam, and Gmail allows you to use the filter from:@example.com to filter all emails from example.com. But it doesn’t work perfectly, and it doesn’t block emails entirely, rather just filters them.
The best way to deal with a situation like this is to report abuse to the domain’s Registrar. In this case, natron[.]studio is registered on Namecheap. They have a proper process and guidelines for reporting email abuse/spam, for which I’ve edited my original post above, and added the details.
Now the people who have received the spam emails will just have to actually report the domain to Namecheap. That’s how it can be taken down for good.

The second part is true, though people are less likely to do that. For the first, the provider does more than just filter. Speaking from registered charity and nonprofit experience where I had to somehow unblock legitimate addresses. Anyway, scammers have infinite ways of making life miserable for people doing good and hard work, F/LOSS included.

Hope it gets resolved, they lose interest or their bot stops working.