Targeted Phishing – Be Aware

Today we've seen a targetted phishing attempt against our customers, get more information about it and protect yourself with 2FA.

Ben calendar Apr 29, 2020 book News

Today we have seen what looks to be a serious and widespread attempt at targeting our customers with a phishing email. The email used SiteHost branding, threatened account suspension and encouraged the recipient to click a fake link to our Control Panel that redirected to a phishing website.

While we’re not aware of this phishing attempt having any success and the website has already been shut down we’re still watching closely. If you believe you may have clicked the link and filled out the form please let us know, there’s no shame in this, we just want your accounts to be secure.

This is also a timely reminder to enable two factor authentication on your account (and your accounts around the internet), it is the single biggest thing you can do to protect yourself against these sorts of attacks. Having two factor authentication on your account means even if someone gets hold of your username and password they still won’t be able to log in unless they also have your second factor device (usually your phone). It’s simple, fast and free to set up, just follow the steps in our knowledge base.

At the moment we believe the email addresses used in this attempt were harvested via leaked databases (such as LinkedIn et al) and compared with whois information to build a list for the attempt and not through any method that raises security concerns. One of the key reasons for this is we received an attempt to one of our own email addresses that is not stored in our system and only exists on a domain we have registered elsewhere for redundancy purposes.

We’re thankful that one of our eagle eye customers spotted the email and raised it with us, allowing fast action to be taken. You can see a copy of the email below for reference and as always if you have any questions or concerns please get in touch.

The phishing email - see if you can spot all the ways you could know it's not from us. We spot around six.

PS: Enable Two Factor Authentication
PPS: Seriously, Enable 2FA

Latest News

Occasionally we find time to write about what we've been working on, lessons we've learnt or just something interesting we have found.

News

International Domains & ICANN What's Going On?

The international domain name market is going through some changes and as a new team member Tracy was tasked with digging in and finding out what's going on. Here's what she found.

Read More
News

How We Deal With DDoS Attacks

In light of the recent DDoS attack on the NZX more than a few of our customers have asked us how SiteHost mitigates DDoS attacks. So we thought we might put out a little post explaining what goes on behind the scenes at SiteHost should this ever happen to you.

Read More
News

New in Cloud Containers: Simple Cache & Port Management

Introducing Port Management, Settings UI and Simple Cache, the easiest way to boost performance.

Read More

People Sharing The Love

People saying nice things about us is always great to hear, but when they say it publicly without us asking it's even better.

Regan Murphy @nzregs

@Indy_Griffiths now thats what i call great, and fast, #CustomerService - nice work @sitehostnz !!

Mitch Cooper @mitchcooper

Really impressed with the upgrades to @SiteHostNZ's VPS plans. The easy switch up was magical too! http://t.co/p5t2hmu