This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Daniel_Kavan
MVP Gold
MVP Gold
‎2025-07-30 07:44 AM
Jump to solution

pypi phish

Has anyone seen this below?   What are some ways to prevent this with Check Point?  One way we were thinking would be to create a couple of domain objects;  one for pypj.com and another for pypj.org and block them.  Neither of them resolve to IPs, but maybe they activate those when they want to.    Others may  have anti-phishing in Anti-spam & Email Security.

 

 

this PyPI has not been hacked, but users are being targeted by a phishing attack
that attempts to trick them into logging in to a fake PyPI site.

Over the past few days, users who have published projects on PyPI with

their email in package metadata may have received an email titled:

```
[PyPI] Email verification
```

from the email address noreply@pypj.org.

Note the lowercase j in the domain name, which is not the official PyPI
domain, pypi.org.

0 Kudos
2 Solutions

Accepted Solutions
the_rock
MVP Diamond
MVP Diamond
‎2025-07-30 10:55 AM
Jump to solution

Maybe set custom domain *pypi* and block that?

Andy

Best,
Andy
"Have a great day and if its not, change it"

View solution in original post

Danny
MVP Platinum
MVP Platinum
‎2025-07-30 11:12 AM
Jump to solution

Create a custom site for pypj to block it. Best practice.

View solution in original post

2 Replies
the_rock
MVP Diamond
MVP Diamond
‎2025-07-30 10:55 AM
Jump to solution

Maybe set custom domain *pypi* and block that?

Andy

Best,
Andy
"Have a great day and if its not, change it"
Danny
MVP Platinum
MVP Platinum
‎2025-07-30 11:12 AM
Jump to solution

Create a custom site for pypj to block it. Best practice.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events