Did I mention this?

Important: Secure Your СІоudfІаrе Account

Hello,

To ensure the security of your СІоudfІаrе account, we recommend reviewing recent activity and updating your security settings.

Action Required: Log in to your СІоudfІаrе Dashboard to verify recent changes or enable additional security measures.

Go to СІоudfІаrе Dashboard

Need help? Visit our Support Center.

Best regards,
The СІоudfІаrе Team

© 2025 СІоudfІаrе, Inc. All rights reserved.

СІоudfІаrе, Inc. | 101 Townsend St, San Francisco, CA 94107

Yes — and that’s a phishing email dressed up as Cloudflare.

The giveaway is the use of fake characters in “Cloudflare” — they’ve replaced normal Latin letters with lookalike characters from another alphabet (likely Cyrillic, e.g., С instead of C, І instead of I, а instead of a). This trick fools the eye but lets them register a domain that isn’t actually cloudflare.com.

If you hover over the “Go to Cloudflare Dashboard” link, it will almost certainly point to some unrelated domain trying to steal your login.

Signs it’s fake:

• Homoglyph substitution in the sender name and body.
• Urgent security message with a single “log in now” link.
• No mention of your actual account name or associated domain.
• The footer is copied from Cloudflare’s real emails, but that’s easy to fake.