diff --git a/Changelog.md b/Changelog.md
index 9c407305d..559082a88 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -29,7 +29,7 @@
 * Only require AWS-module for fog [#7201](https://github.com/diaspora/diaspora/pull/7201)
 * Only show community spotlight links on the contacts page if community spotlight is enabled [#7213](https://github.com/diaspora/diaspora/pull/7213)
 * Require spec\_helper in .rspec [#7223](https://github.com/diaspora/diaspora/pull/7223)
-* Make the CSRF mail a bit more friendly [#7238](https://github.com/diaspora/diaspora/pull/7238)
+* Make the CSRF mail a bit more friendly [#7238](https://github.com/diaspora/diaspora/pull/7238) [#7241](https://github.com/diaspora/diaspora/pull/7241)
 
 ## Bug fixes
 * Fix fetching comments after fetching likes [#7167](https://github.com/diaspora/diaspora/pull/7167)
diff --git a/config/locales/diaspora/en.yml b/config/locales/diaspora/en.yml
index 8726ce2f9..116569af7 100644
--- a/config/locales/diaspora/en.yml
+++ b/config/locales/diaspora/en.yml
@@ -715,9 +715,11 @@ en:
       body: |-
         Hello %{name},
 
-        diaspora* has detected an attempt to access your session which might be unauthorised. This might be completely innocent, but it could be a cross-site request forgery (CSRF). To avoid any chance of your data being compromised, you have been signed out.
+        diaspora* has detected an attempt to access your session which might be unauthorised. To avoid any chance of your data being compromised, you have been signed out. Don’t worry; you can safely sign in again now.
 
-        A request made using a incorrect or missing CSRF token can be caused by:
+        A request has been made using a incorrect or missing CSRF token. This might be completely innocent, but it could be a cross-site request forgery (CSRF) attack.
+
+        This could have been caused by:
 
           - An add-on manipulating the request or making requests without the token;
           - A tab left open from a past session;
@@ -727,8 +729,6 @@ en:
 
         For more information on CSRF see [%{link}](%{link}).
 
-        Don’t worry; you can safely sign in again now.
-
         If you see this message repeatedly, please check the points above, including any browser add-ons.
 
         Thank you,