We would like to take this opportunity to warn you to be extra careful when surfing the Web and in the way you deal with incoming e-mails. Some forms of phishing are highly sophisticated and can be confusing even for Web experts.
Fortunately, there are a few precautions you can take to avoid falling prey to the scams that abound on the Web.
How Can You Tell if an E-Mail is Suspicious?
There are a few clues that should tip you off. Here are just a few.
- The source of the e-mail. While it is not unusual to receive a message from someone you do not know, an unfamiliar e-mail address should make you wonder.
- Suspicious links and unexpected attachments. Take the time to move your mouse over any link in the e-mail, without clicking on it: ask yourself whether the address that appears in the tooltip corresponds to the link typed in the message. If in doubt, never open attachments.
- Faulty spelling and grammar. If you were running a company, would you send your customers communications full of spelling and grammatical errors? Certainly not, as this would damage your professional image. Such errors are further clues, as fraudsters often awkwardly translate into English the message they wish to convey in order to impersonate an organization. Sometimes they even deliberately make mistakes to bypass automatic systems designed to block their attacks.
- Generic greetings. Nowadays, it is easy for an organization doing business with you to personalize an e-mail with your name. If the message starts with “Dear Sir or Madam”, it could be a sign of a phishing attempt.
- Mismatched domains. Sometimes an e-mail pretends to come from a reputable company, such as Microsoft or your hosting provider, when it is actually being sent from another e-mail domain, such as outlook.com or microsoftsupport.ru. Misspellings of the legitimate domain name are particularly treacherous too. This classic example from Microsoft speaks for itself: in micros0ft.com, the second “o” has been replaced by the number 0.
- Urgent call to action. Beware of e-mails that ask you to click, call or open an attachment immediately. Scammers know human psychology: whether it is to receive an alleged reward or avoid a penalty, creating a false sense of urgency encourages the potential victim to neglect to think before acting.
- Banner indicating that the sender could not be verified. E-mail tools such as Outlook display this banner when the e-mail header is suspicious. There are many reasons for this: the e-mail may have failed authentication according to commonly accepted standards, the “From” field may contain a value that deviates from industry standards, and so on. In this case, you need to be extra cautious about the content of the e-mail, since it was impossible to automatically verify that it came from a reliable sender.
As old as it is, this quote still applies in our world of ultra-sophisticated technology: “When in doubt, abstain”.
Phishing Campaign
We have identified at least two phishing campaigns targeting our customers! In fact, fraudulent e-mails were sent to them asking, within a short period of time, to renew their services with PlanetHoster and, more recently, their domain names.
What Should I Do If I Receive Such An E-mail?
To avoid any risk, here are our recommendations if you receive renewal-related e-mails from PlanetHoster:
- First of all, to be on the safe side, never click on links or download attachments from dubious messages.
- Next, access your customer area (https://my.planethoster.com) and check two things:
- if genuine, the communication you have just received should also appear in the My Account / Communications section, alongside all our official communications;1
- the renewal date of the domain or service in question must match the information in the customer area. If in doubt, we invite you to open a ticket and ask one of our agents to check.
- Finally, if you think you have clicked on a phishing e-mail:
- we invite you to change your e-mail account password as soon as possible, as a preventive measure;
- if you suspect you have entered confidential information, we strongly recommend that you change your profile password.
Why Did I Receive This E-mail?
Some users wonder how a malicious person could have contacted them.
In fact, malicious robots (bots) continually scan the Web for e-mail addresses and use these to send them phishing attempts of all kinds (Google, eBay, PayPal, etc.). As a result, even people who are not PlanetHoster customers have received the phishing e-mail we are talking about here!
Malicious people also exploit the possibilities offered by a WHOIS search. Such searches enable them to find out when a given domain was registered and when it is due to expire, making it easier for them to fabricate a credible e-mail. To prevent this problem, you can activate the private WHOIS on your domain name.
Can I Protect Myself Better?
Basically, rest assured: your e-mail address is safe with PlanetHoster. In addition to our various internal security systems, we have a bug bounty security program: https://bugcrowd.com/planethosterinc. It enables security experts to test our installations.
To further enhance their protection, we offer our customers the option of activating two-factor authentication and restricting their account to a fixed IP address, free of charge. We also offer them the option of activating registry lock for domains deemed most critical. These protection modes are highly recommended.
In conclusion
These days, surfing the Web and dealing with incoming e-mails are becoming increasingly complicated due to security concerns. However, taking a few basic rules into consideration will help to put the odds in your favor:
- learn to recognize the signs of fraudulent e-mails;
- do not click on a URL, but go to the official PlanetHoster site instead;
- if in doubt about renewal dates, ask our agents by creating a ticket;
- change your passwords regularly;
- activate private WHOIS on a domain name;
- activate two-factor authentication, use IP address access restrictions and activate the registry lock when needed.
We thank our customers for their trust and wish them a happy Valentine’s Day with lots of love and positive energy!
- The fact that you cannot see the renewal notice on it proves that it did not come from PlanetHoster! ↩︎
