Phishing emails impersonating Prezly: What you need to know

Over the past week, we’ve seen an increase in phishing emails impersonating Prezly. We want to share some context and a few simple ways to help you stay protected.

These emails do not come from Prezly. They’re sent via external email platforms we don’t control. The attackers appear to be collecting email addresses from public newsrooms and then sending messages that look legitimate at first glance.

Our systems have not been compromised.

We're monitoring login attempts and suspicious account activity continuously. If we had any reason to believe an account was compromised, we blocked access and contacted those users directly.

If you haven’t heard from us, everything is in order.

The messages often use common, urgent-sounding subjects (like account reviews or cancellations) and are meant to blend in with a busy inbox. They are designed to catch people when they’re busy or distracted. Taking a moment to double-check the sender address can make all the difference.

• Prezly emails always come from an @prezly.com address
• We strongly recommend using two-factor authentication (2FA) with an authenticator app, which is more secure than email-based verification
  • Settings → Login details → Set up authenticator app
  • 2FA is not needed if you use SSO or Google login
• Use a unique, strong password and avoid reusing it across tools

Your data in Prezly is secure. Like any online system, access is only possible if someone else gains control of a user’s email and password, which is why good password hygiene and 2FA matter everywhere, not just in Prezly.

• Secure your own email account first. Two-factor authentication on Prezly or another tool won’t help if someone already has access to your email account. Secure your personal and work emails with 2FA – this option should be in your settings, whatever email client you use.
• Avoid reusing passwords. Reused passwords are one of the easiest ways attackers gain access to accounts. A password manager like 1Password helps you generate and store strong, unique passwords for every service, so you don’t have to remember them yourself.
• Use 2FA and a password manager together. A password manager combined with 2FA significantly reduces the risk of account takeover.
• Report suspicious emails as phishing in your email app. This helps reduce future attacks for everyone.

If you’re ever unsure about a message claiming to be from Prezly, contact us at support@prezly.com or via in-app chat.