diff --git a/src/encryption/VerificationManager.cpp b/src/encryption/VerificationManager.cpp
index 84217e06..8c775948 100644
--- a/src/encryption/VerificationManager.cpp
+++ b/src/encryption/VerificationManager.cpp
@@ -4,6 +4,9 @@
 // SPDX-License-Identifier: GPL-3.0-or-later
 
 #include "VerificationManager.h"
+
+#include <chrono>
+
 #include "Cache.h"
 #include "ChatPage.h"
 #include "DeviceVerificationFlow.h"
@@ -14,6 +17,20 @@ VerificationManager::VerificationManager(TimelineViewManager *o)
   , rooms_(o->rooms())
 {}
 
+static bool
+isValidTime(std::optional<uint64_t> t)
+{
+    if (!t)
+        return false;
+
+    using namespace std::chrono_literals;
+
+    std::chrono::time_point<std::chrono::system_clock> time{std::chrono::milliseconds(*t)};
+    auto diff = std::chrono::system_clock::now() - time;
+
+    return diff < 10min && diff > -5min;
+}
+
 void
 VerificationManager::receivedRoomDeviceVerificationRequest(
   const mtx::events::RoomEvent<mtx::events::msg::KeyVerificationRequest> &message,
@@ -22,6 +39,9 @@ VerificationManager::receivedRoomDeviceVerificationRequest(
     if (this->isInitialSync_)
         return;
 
+    if (!isValidTime(message.origin_server_ts))
+        return;
+
     auto event_id = QString::fromStdString(message.event_id);
     if (!this->dvList.contains(event_id)) {
         if (auto flow = DeviceVerificationFlow::NewInRoomVerification(
@@ -40,6 +60,9 @@ VerificationManager::receivedDeviceVerificationRequest(
     if (this->isInitialSync_)
         return;
 
+    if (!isValidTime(msg.timestamp))
+        return;
+
     if (!msg.transaction_id)
         return;
 
@@ -61,6 +84,10 @@ VerificationManager::receivedDeviceVerificationStart(
     if (this->isInitialSync_)
         return;
 
+    // can't do this for start messages sent as to_device...
+    // if (!isValidTime(msg.timestamp))
+    //    return;
+
     if (!msg.transaction_id)
         return;