I guess it had to happen! phishing scammers are now targeting business owners' webhosting usernames and passwords. This lets them use your website to host viruses, add links to malicious sites or send spam.
Most people are aware of phishing email scams that target your bank passwords. However this new nasty idea of targetting website owners is easier to get caught by. Basically by sending an email with web hosting jargon they aim to con website owners into revealing their login details. Please read the full article for simple tips on spotting the scam.
As always check links carefully and if any email seems suspicious please always check with us first. We much prefer to answer questions now than hear about any disaster later!
I guess it had to happen! phishing scammers are now targeting business owners' webhosting usernames and passwords. This lets them use your website to host viruses, add links to malicious sites or send spam.
Many people are aware of phishing email scams that target your bank passwords. However this new nasty idea of targetting website owners is harder to spot.
By sending an email with web hosting jargon they aim to con website owners into revealing their login details.
How does the web hosting Phishing Scam work?
Scammers setup a fake login screen on a separate site that they control. They send you a fake web support email asking you to login.
If you are fooled and login on the fake site then they have your username and password.
How can I spot the fake hosting login page?
Number One
Carefully check the domain name. If it isn't your exact domain name or artful.net.au then its not ok to use. If in ANY doubt please call us 1300 278 385 or Nicks mobile 0438 224 054
In the example screen you can see the domain name is .ro ie Romania! So its really easy to spot as a fake. Most Phishing sites are hacked so their owners are completely unaware their site is being used to scam hosting passwords. The scammers don't want the owners to know because as soon as they do the fake pages will be removed. This one is a Romainian travel agent.
Number Two
The other givaway is the third field asking for your domain name. Normal webhosting logins will never ask for your domain name. Your webhost already knows your domain name and its linked to your login. The scammers have to ask for your domain name since they are really your webhost. They are basically asking you to tell them your domain so they can go and break into it.
Oops I think I already clicked it!?
If you have already given your login details contact us immediately 1300 278 385 or Nicks mobile 0438 224 054 (or urgently contact your webhosting provider). We'll reset your logins and check the site for any malicious content to be removed. If the site is hacked and is hosting malicious content your whole website will be blocked by Google and often by other security programs eg Nortons, as well.
Sample Web Hosting Scam Email
Thanks to our friends at Homestay in Sydney for passsing the hosting scam email on.This particular email is badly written and full of spelling errors. So its reasonably easy to spot. However these scams always evolve and future versons will be more believeable and beter written. So its good to follow the two tips above.
-----Original Message-----
From: cPanel
Sent: Friday, 14 September 2012 4:24 AM
Subject: We have detected a slight error in your Hosting account information.
Hi,
*** You should have a working homepage on your site within 15 days from signup, otherwise your account could be deleted by staff. Reason for this is for your own benefit so that you don't put off the work and ultimately never get it done.
===================
Login information:
===================
To log into your control panel, go to:
http://www.REMOVED-DO-NOT-CLICK.ro/news/cPanel/login/?Register/Checkin.aspx?EventID=1101227
WebHosting Team.
-----
Did you know that we carry out regular security audits on all Joomla & Wordpress websites we host?
