Pages Menu
TwitterFacebook
Categories Menu

Posted by on Oct 24, 2018 in Annotate PRO

Microsoft Office marked the validation email link as “malicious”…what does THAT mean?

 

When you sign up via email for an 11trees account (for either Annotate PRO or Q for Success) our system will immediately send you a verification email so you can prove you own the account.

The email should appear within a minute or two. If it doesn’t please check spam or quarantine folders in your email account.

The email will look something like this:

Hello,

Follow this link to verify your email address.

https://trees-3aac6.firebaseapp.com/__/auth/action?mode=verifyEmail&oobCode=iWVAtmU4Ywqpf6JvGBPw-ykIpd7Ph29Iwpvu8QMDj_QAAAFmgtUi1A&apiKey=AIzaSyBUgUUAIF_WdLpXTM91csO8xnmCergJ9sI&lang=en

If you didn’t ask to verify this address, you can ignore this email.

Thanks,

Your 11trees team

Our user authentication (usernames and passwords) is handled by a Google cloud solution called Firebase. That’s the “firebaseapp.com” in the above URL.

Some institutions/organizations using Microsoft Outlook for email my see the following scary message upon clicking the provided link (see screenshot below).

This is relatively new phenomenon (October 2018)…and Microsoft seem to be putting responsibility for managing “safe links” on an organization’s Office administer. We do not know why our innocuous “click to verify email ownership” links are marked “malicious”…but your IT department can make our domain “safe” by following these steps:

Ideally they would add “https://trees-3aac6.firebaseapp.com/” with wildcards afterwards to allow all such links to be clicked.

We will monitor this situation and update our article as we learn more.

An alternate path is just to sign up with a personal email (Gmail etc).

 

Malicious Link