Received Scam Mail Storj Smart Contract upgrade

I received this email an hour ago. It had as sender.


Wow slick. Thanks for posting.

havent been any announsment here can be fishing? i do not got any email about this.

yeah me neither, it’s a scam.

Im sure the scammer is on this forum to.

@jocelyn can you comment situation, is it some true information?

This is the last thing she said Minimum Threshold for Storage Node Operator Payouts
Seems like someone has planned this based on this post.

No one in the right mind would send there storj to a strange wallet to pay fees ontop of getting scammed.

Can you post the headers of the email?

redact your email address and your local IP address.

However, the headers should show if the email was forged and maybe the originating IP address… which is probably fake anyway, but might be useful.

Delivered-To: ###
Received: by 2002:a05:7110:6030:b029:2f:f17a:5ac0 with SMTP id d16csp178713geb;
        Thu, 14 Jan 2021 07:39:42 -0800 (PST)
X-Google-Smtp-Source: ABdhPJy9cWA/Ujt61+8iLC9YKZdSRhEFgcNdnChlDwp6+SOWcUREweJOB8Ycayb3Y11Xw6GaCKEf
X-Received: by 2002:a63:5304:: with SMTP id h4mr8056425pgb.199.1610638782610;
        Thu, 14 Jan 2021 07:39:42 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1610638782; cv=none;; s=arc-20160816;
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;; s=arc-20160816;
ARC-Authentication-Results: i=1;;
       dkim=pass header.s=mailo header.b=R+sVjA1A;
       spf=pass ( domain of designates as permitted sender) smtp.mailfrom="";
       dmarc=pass (p=REJECT sp=NONE dis=NONE)
Return-Path: <>
Received: from ( [])
        by with UTF8SMTPS id q5si7094518pgg.392.2021.
        for <####>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Thu, 14 Jan 2021 07:39:42 -0800 (PST)
Received-SPF: pass ( domain of designates as permitted sender) client-ip=;
       dkim=pass header.s=mailo header.b=R+sVjA1A;
       spf=pass ( domain of designates as permitted sender) smtp.mailfrom="";
       dmarc=pass (p=REJECT sp=NONE dis=NONE)
DKIM-Signature: a=rsa-sha256; v=1; c=relaxed/relaxed;; q=dns/txt; s=mailo; t=1610638782; h=Content-Type: Mime-Version: Subject: From: To: List-Id: In-Reply-To: Reply-To: Date: List-Post: Message-Id: List-Unsubscribe: Sender: List-Owner: List-Archive: References: List-Unsubscribe-Post; bh=WUuhM3ruy1wOCYwtVpy6LRoYRoH6tdBGzRlI1qsC7x0=; b=R+sVjA1AHqNq5N3Y++JP64E7aA4+/v0ZIBIPHNqJomMozP85lQa2S2CEzb4Ewq4pAZVdU1HM XTm21zx9ErP5bmCnfxNajxucTTnn0lQ6AMhVVOIwtqMDd2MD8JSqJeP9gmuOsgWM1qLsrgfo s/tF7kyrJ9xJs2LVGfGps+wIUY0=
X-Mailgun-Sid: WyJmMGZmZCIsICJ0eWxrb21hdEBnb29nbGVtYWlsLmNvbSIsICI0ZDE4NTgiXQ==
X-Mailgun-Batch-Id: 600065a2415a6293c5388b9a
Received: by with HTTP; Thu, 14 Jan 2021 15:39:14 +0000
X-Mailgun-Variables: {"category": "post", "email_generated_at": "1610638752803", "is_freemail": "true", "publication_id": "254463", "post_audience": "everyone", "post_id": "31326718", "pub_community_enabled": "true", "user_id": "23943214", "post_type": "newsletter", "subdomain": "storj"}
List-Unsubscribe-Post: List-Unsubscribe=One-Click
References: <>
List-Archive: <>
List-Url: <>
List-Owner: <>
Sender: Storj <>
List-Unsubscribe: <###>
Message-Id: <>
List-Post: <>
Date: Thu, 14 Jan 2021 15:39:12 +0000
Reply-To: Storj <reply+infum&e96pa&&>
In-Reply-To: <>
List-Id: <>
X-Mailgun-Tag: post
To: ###
From: Storj <>
Subject: Storj Smart Contract Upgrade
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="ee453a9878ba4eac8c7f280e591448db"

Don’t click this link, but is not us. This is an impressive scam, but we are absolutely not upgrading our smart contract. I’m going to report this Substack account for fraud.

-JT (Storj CTO, in case that helps) :slight_smile:


The email looks like a legitimate substack email. The group is probably a hoax though.

This line in the header:

can be used by substack to locate the email in their server logs.

The content of the e-mail is really impressive! Scams are usually waaaay less elaborated! oO
That’s dangerous, many could fall for it :confused:

I don’t really get why Storj would be the target of scams where a lot of time is needed to set it up though.
I mean, I don’t feel like Storj is “big enough” (no offense intended).

1 Like

Interestingly I received this email not on an address that I use in this forum or with storj itself. I wonder how that relation was drawn.


Good, looks like they put a lot of time and effort into this, and it will almost certainly be entirely wasted!

Thumbs up for the team to get both the contract address as a scam and had the website removed!


Hi folks I was out of the office, but it looks like JT already addressed it. Thank you JT!


and @tylkomat thank you for your good citizenship!


I believe someone was scraping forum names and added for this.

Pro Tip: Many providers support aliasing your mail address with +, i.e. instead of you can create an alias for each website you enter your mail: Then you at least know where it was taken from.


Danke, ich bin fast drauf reingefallen :frowning:

1 Like