SiteHost
Go back

PHISHING ALERT: SiteHost customers, and their credit cards, are a target

.
/
Date

A number of our customers are reporting phishing emails that link to a replica of our payments page. Please take care.

.

This morning a number of SiteHost customers have received a phishing scam with our name on it. You are a target if you have received an email from mailer@tactictradehub.com with the subject line "Your Service Will Be Suspended Without Payment.!"

This email is not from us. Please report it as spam, delete it, and most definitely don't click any links.

The link opens a convincing copy of our Billing Information screen. This fake page, which is not on cp.sitehost.nz, is a scam. Any credit card details that you enter will be harvested. We are trying to get the offending page taken down.

Always double-check any message you're not sure about

Scams have a habit of evolving over time, so this attack might continue with different email subject lines or sender details. It's always best to be careful.

Thanks to people doing the right thing, we have had a lot of contact about this email.

Whenever a message appears to be from us but doesn't seem right, it's best to check with our Support Team. You'll get a quick answer and you'll avoid traps.

Genuine SiteHost domains

After you've clicked a link to a page that looks like ours, take a look in the address bar to check. The only genuine SiteHost website domains are:

  • sitehost.nz

  • sitehost.co.nz (which redirects to sitehost.nz)

  • site-host.com.au

  • sitehost-status.net, which does not contain a login link.

Do not trust links to any other domains.

Subdomains

Rather than list all our subdomains here, just remember that:

  • cp.sitehost.nz is the subdomain for the SiteHost Control Panel. This is the only subdomain where we ask for credit card information.

  • cp.sitehost.nz and webmail.sitehost.co.nz are the only two subdomains where we ask you to log in.

A reminder about 2FA

Previous phishing attempts with our name on them have targeted passwords rather than credit card details.

Two factor authentication (2FA) ensures that, even if your password leaks out, no-one can log into your SiteHost account without access to your phone.

Any SiteHost account holder can set up 2FA for themselves. Account administrators can enforce 2FA for all the contacts on their account.

See how to set up and manage two factor authentication in the Knowledge Base.