Targeted Phishing – Be Aware

Today we've seen a targetted phishing attempt against our customers, get more information about it and protect yourself with 2FA.

Ben calendar Apr 29, 2020 book News

Today we have seen what looks to be a serious and widespread attempt at targeting our customers with a phishing email. The email used SiteHost branding, threatened account suspension and encouraged the recipient to click a fake link to our Control Panel that redirected to a phishing website.

While we’re not aware of this phishing attempt having any success and the website has already been shut down we’re still watching closely. If you believe you may have clicked the link and filled out the form please let us know, there’s no shame in this, we just want your accounts to be secure.

This is also a timely reminder to enable two factor authentication on your account (and your accounts around the internet), it is the single biggest thing you can do to protect yourself against these sorts of attacks. Having two factor authentication on your account means even if someone gets hold of your username and password they still won’t be able to log in unless they also have your second factor device (usually your phone). It’s simple, fast and free to set up, just follow the steps in our knowledge base.

At the moment we believe the email addresses used in this attempt were harvested via leaked databases (such as LinkedIn et al) and compared with whois information to build a list for the attempt and not through any method that raises security concerns. One of the key reasons for this is we received an attempt to one of our own email addresses that is not stored in our system and only exists on a domain we have registered elsewhere for redundancy purposes.

We’re thankful that one of our eagle eye customers spotted the email and raised it with us, allowing fast action to be taken. You can see a copy of the email below for reference and as always if you have any questions or concerns please get in touch.

The phishing email - see if you can spot all the ways you could know it's not from us. We spot around six.

PS: Enable Two Factor Authentication
PPS: Seriously, Enable 2FA

Latest News

Occasionally we find time to write about what we've been working on, lessons we've learnt or just something interesting we have found.

News

Our new ICANN accreditation will shorten the domain supply chain

Deregulation and market concentration are reshaping the domain industry, so we're working to improve our position.

Read More
News

International domain prices are on the move

Because we’re being charged more by our providers, we are increasing some international domain prices from July 1.

Read More
News

Positive numbers from our first year of solar power

Now that our 384 solar panels have had their first trip around the sun, Quintin Russ explained to NZNOG how it all came together and how well the numbers stack up.

Read More

People Sharing The Love

People saying nice things about us is always great to hear, but when they say it publicly without us asking it's even better.

Ross Hawkins @rosshawkins

Weee thanks @sitehostnz for a control panel and service that makes remote provisioning slightly less scary :)

Darryl Hamilton @LordP

@aurynn SiteHost (@sitehostnz) are awesome, highly recommended