Targeted Phishing – Be Aware

Today we've seen a targetted phishing attempt against our customers, get more information about it and protect yourself with 2FA.

Ben calendar Apr 29, 2020 book News

Today we have seen what looks to be a serious and widespread attempt at targeting our customers with a phishing email. The email used SiteHost branding, threatened account suspension and encouraged the recipient to click a fake link to our Control Panel that redirected to a phishing website.

While we’re not aware of this phishing attempt having any success and the website has already been shut down we’re still watching closely. If you believe you may have clicked the link and filled out the form please let us know, there’s no shame in this, we just want your accounts to be secure.

This is also a timely reminder to enable two factor authentication on your account (and your accounts around the internet), it is the single biggest thing you can do to protect yourself against these sorts of attacks. Having two factor authentication on your account means even if someone gets hold of your username and password they still won’t be able to log in unless they also have your second factor device (usually your phone). It’s simple, fast and free to set up, just follow the steps in our knowledge base.

At the moment we believe the email addresses used in this attempt were harvested via leaked databases (such as LinkedIn et al) and compared with whois information to build a list for the attempt and not through any method that raises security concerns. One of the key reasons for this is we received an attempt to one of our own email addresses that is not stored in our system and only exists on a domain we have registered elsewhere for redundancy purposes.

We’re thankful that one of our eagle eye customers spotted the email and raised it with us, allowing fast action to be taken. You can see a copy of the email below for reference and as always if you have any questions or concerns please get in touch.

The phishing email - see if you can spot all the ways you could know it's not from us. We spot around six.

PS: Enable Two Factor Authentication
PPS: Seriously, Enable 2FA

Latest News

Occasionally we find time to write about what we've been working on, lessons we've learnt or just something interesting we have found.

Case Studies

Customer profile: Do Good Things

New Queenstown local Ryan Mitchell wants Do Good Things to be the incubator for an exponentially growing tech scene.

Read More
Case Studies

Customer profile: Voyage

Voyage, an innovative creative studio from Christchurch chat with us about their experience with Silverstripe, Government work and the changing landscape of online business.

Read More
News

New in Cloud Containers: Container Cloning

Now you can easily create a copy of an existing container or synchronise the data between two containers.

Read More

People Sharing The Love

People saying nice things about us is always great to hear, but when they say it publicly without us asking it's even better.

Ryan O'Hara @ohararyan

Awesome working with the team @sitehostnz in the early days of the https://t.co/nVjuNhSPk9 site. These guys are the… https://t.co/cTWLfsZt3C

Darryl Hamilton @LordP

@aurynn SiteHost (@sitehostnz) are awesome, highly recommended