Phishing attacks that target our customers are becoming more common. Here are the scam emails that we're aware of, and some advice for keeping your account safe.
Please be vigilant. SiteHost customers are receiving more and more phishing emails, which appear to be from us but are in fact spam from scammers. They contain links to fake "SiteHost" websites where the attackers hope that you'll give away your password or credit card details.
We'll post a warning further down this page whenever we learn about new attack.
There are some simple steps you can take to protect your SiteHost account and your stored credit cards.
The only genuine SiteHost website domains are:
sitehost.nz
sitehost.co.nz
site-host.com.au
sitehost-status.net, which does not contain a login link.
cp.sitehost.nz is where all account activity is managed. It's the only subdomain where we ask for credit card information.
cp.sitehost.nz and webmail.sitehost.co.nz are the only two subdomains where we ask you to log in.
There are no other SiteHost websites or portals.
Two factor authentication (2FA) ensures that, even if your password is stolen or leaked, no-one can log into your SiteHost account without access to your phone.
Any SiteHost account holder can set up 2FA for themselves. Account administrators can enforce 2FA for all the contacts on their account.
See how to set up and manage two factor authentication in the Knowledge Base.
We believe that scammers sometimes gather our customers' email addresses from domain WHOIS details. By adding Privacy Protection you can hide these contact details and cut down on the amount of spam you receive.
If you've received a suspicious email that isn't listed below, please forward it to support@sitehost.nz. We'll confirm whether it's genuine, and put a warning out to customers if not.
Date: 22 March 2025
Subject line: You have received a new message from sitehost Support.
Link text: 'Log in to your account'
Target: Your login details, harvested via a copy of our login screen.
Date: 30 January 2025
Subject line: 'Your Service Will Be Suspended Without Payment.!'
Sender: mailer@tactictradehub.com
Link text: 'You can pay by visiting your direct link...'
Target: Your credit card details, harvested via a convincing copy of our Billing Information screen.
Date: 21 November 2024
Subject line: 'Important: Your sitehost.co.nz Email Storage is Full!'
Apparent sender: Email Support sitehost.co.nz (thunderbaybasements.com)
Link text: https://mail.sitehost.co.nz/increase-storage
Target: Your login details.
Date: 17 November 2023
Subject line: 'Note on service renewal'
Apparent sender: SiteHost <info@sitehost-service.com>
Link text: 'Log in To Control panel'
Target: Your login details.
If you've received a suspicious email that isn't listed here, please forward it to support@sitehost.nz. If it's genuine, we'll let you know. If it's not, we'll add it to this page.