Report a Security Vulnerability

To report a security or privacy vulnerability in any of Oura’s products, websites, or services, please email

Helpful information to include:

  • Device type, operating system, browser, and/or app version
  • Screenshots or video of the security bug
  • Description of the vulnerability, or steps to recreate the behavior

You can also email to report phishing attempts.

Occasionally, people will create fake emails or websites designed to imitate Oura. These sites or domains can be used to attempt to steal personal information, such as bank account information or passwords. This is often called phishing and is something we as an organization take very seriously.

If you receive an email or are directed to a website that looks like Oura but asks for confidential information, we advise you to exercise caution.

How To Identify Fraudulent Emails and Websites

Check for Official Oura Domains

Fraudulent emails often come from domains that may appear similar, such as @ouraringmedia. But legitimate emails from Oura will only come from the following domains:


If the email you've received was not sent from one of these domains, it's not from Oura.

Icon_Error__2_.png Please note, the email address is in fact a legitimate email address of Oura. If you've recently received a personalized offer from this address, you are safe to engage with it! 

Check for Legitimate Links

Illicit emails can contain links to fake Oura web pages that try to steal your information. Don’t click on links in any emails you’re unsure of.

A real link to Oura will begin with or a country-specific URL like, or

If you click a link that takes you to a page that looks like Oura but doesn’t start with this address, it’s a fraudulent page and you should close it immediately.

Check the Website Address

Pay particular attention to misspellings of Oura's name. If Oura is misspelled in the website address, the website is fake. 

Check for a Lock Icon in Your Browser

You can tell if a website is secure by looking for a lock icon  in your browser’s address bar. All of Oura's websites will have this icon. If this icon isn't in the address bar, your connection to the website isn’t secure. Don't enter any personal information if you don't see this lock icon.

Another way to identify if the site is secure is if the URL includes "https" and not "http".

Be Wary of Manipulative or Threatening Tones

Fraudulent emails and websites often contain urgent tones and threaten account suspension, or show a delayed payout if you don't click a link or provide certain information immediately. Avoid submitting information or clicking pop-ups if you're unsure of the source.

If you believe you've been targeted by a phishing scheme imitating Oura, please contact Our team will review your request and advise you on whether or not further action is needed.

Thank you for helping keep the Oura community safe and secure!

Was this article helpful? 3 out of 5 found this helpful
Back to the Top