I am freaking out.

Today, I discovered that my users are getting email from executiveassistant@e.read.ai.  Each message contains a link to meeting notes for multi-company committees that include my users.   The only clue about the actual source is the reply-to address.  In several cases, the reply-to address is a Gmail account for one of the committee members, rather than a work account for the company that sponsored the meeting.

But  then it got worse.

Next, I discovered users who are getting messages from no-reply@cmcopilot.com.  There is no "Reply-To" address.  These emails are case management updates for support tickets.   The only information which ties the message to the initiating organization is an embedded link, which is a variant of the product name.

Right now, all of the messages are innocuous, but what comes next?   if anyone can create an account on these AI sites and use them to send anonymized email, how long will it be before we are have malicious senders intermixed with legitimate ones?

Thank goodness for Declude.   I have added new filters to detect known-good senders for e.read.ai (based on reply-to), and known-good senders for copilot.com (based on Body text.)  Maintaining these list could quickly become a bear.