Targeted Phishing – Be Aware

Today we've seen a targetted phishing attempt against our customers, get more information about it and protect yourself with 2FA.

Ben calendar Apr 29, 2020 book News

Today we have seen what looks to be a serious and widespread attempt at targeting our customers with a phishing email. The email used SiteHost branding, threatened account suspension and encouraged the recipient to click a fake link to our Control Panel that redirected to a phishing website.

While we’re not aware of this phishing attempt having any success and the website has already been shut down we’re still watching closely. If you believe you may have clicked the link and filled out the form please let us know, there’s no shame in this, we just want your accounts to be secure.

This is also a timely reminder to enable two factor authentication on your account (and your accounts around the internet), it is the single biggest thing you can do to protect yourself against these sorts of attacks. Having two factor authentication on your account means even if someone gets hold of your username and password they still won’t be able to log in unless they also have your second factor device (usually your phone). It’s simple, fast and free to set up, just follow the steps in our knowledge base.

At the moment we believe the email addresses used in this attempt were harvested via leaked databases (such as LinkedIn et al) and compared with whois information to build a list for the attempt and not through any method that raises security concerns. One of the key reasons for this is we received an attempt to one of our own email addresses that is not stored in our system and only exists on a domain we have registered elsewhere for redundancy purposes.

We’re thankful that one of our eagle eye customers spotted the email and raised it with us, allowing fast action to be taken. You can see a copy of the email below for reference and as always if you have any questions or concerns please get in touch.

The phishing email - see if you can spot all the ways you could know it's not from us. We spot around six.

PS: Enable Two Factor Authentication
PPS: Seriously, Enable 2FA

Latest News

Occasionally we find time to write about what we've been working on, lessons we've learnt or just something interesting we have found.

News

Keep Calm & Cache covid19.govt.nz

Our story about the small role we played in the early stages of New Zealand's response to COVID-19.

Read More
News

Ubuntu 20.04 LTS Now Available

The latest LTS release of Ubuntu is now available for provisioning.

Read More
News

Targeted Phishing Attempt

Today we've seen a targetted phishing attempt against our customers, get more information about it and protect yourself with 2FA.

Read More

People Sharing The Love

People saying nice things about us is always great to hear, but when they say it publicly without us asking it's even better.

Ross 'not the BBC guy' Hawkins @rosshawkins

Weee thanks @sitehostnz for a control panel and service that makes remote provisioning slightly less scary :)

The Book of Dave @Spudooli

Bloody @sitehostnz goes more mental every year the the Christmas loving. Thanks guys, you give good host! We love you.