The Small Business Website Guy

  • Home
  • Blog
  • About
  • WordPress Help
  • Services
    • WordPress Help
    • Hacked Site Cleanup
    • Website Management Program
    • Domain Registration
    • Web Hosting
  • Testimonials
  • Contact Us

February 18, 2015 by John

Hostgator Phishing Scam

I received an email today that turned out to be a Hostgator phishing scam. The email informed me that Hostgator had received a request to change the name servers on one of the domains belonging to me.

The email was pretty cleverly constructed and likely would have fooled me except that I couldn’t think of a reason why Hostgator would have received a request from anyone to change the name servers on that particular domain, or any other I own, for that matter.

Another suspicious bit of the email was a reference to Domain Back Orders. I never back order domains and it didn’t make sense that if I had back-ordered the domain I’d have been notified of a request to change the name servers. After all, if it’s back-ordered, I don’t own it yet, so why would I care?

I checked the domain and the name servers were as they should be. I checked the site and it’s up and running. So, nothing had been changed.

Finally, I checked the link that was provided in the email. The visible text looked legitimate, but the real URL was hidden by the HTML in the email. Hovering over the URL in the email displayed the real URL in the browser status bar and gave away the scam. The URL was something like:

http://somedomain.ru/wp-includes/gibberish.php?parameter-string

Not even close to “hostgator.com”, eh?

Just a warning to be very suspicious of emails you receive that provide links to “fix” something in your account with whoever allegedly sent the email. If it feels “off” in any way, it probably is.

This particular phishing email was very well constructed. It included my name and a domain that I own which made it look fairly legitimate. The information was obviously gathered from the domain registration information to add an air of authenticity to the email. The domain is not privately registered, so the information is public knowledge. Had I not been familiar with how domain registration works, I might not have seen through the scam.

Be careful out there!

John Sawyer

Photo credit: David Castillo Dominici via freedigitalphotos.net

Like this post?  Sign up below to be notified when new posts are published:

[email protected]
John

Share this post:

TwitterFacebookLinkedIn

Filed Under: Phishing, Safe Computing Tagged With: domain registration, hostgator, phishing, phishing scam

Select Module

Recent Posts

  • Protect Yourself From Router Exploit
  • Is GDPR Compliance The Problem?
  • Warning! WordPress 4.9.6 Is Coming
  • MalwareBytes Update Issue
  • Google Issues New HTTPS Guidelines

Find Your Domain

Find a domain starting at $0.48

powered by Namecheap

Reach new audiences and grow your following

Privacy Policy | Terms of Use

Copyright © 2007-2021 by Chon Resources – All Rights Reserved Worldwide

We use cookies for various purposes including analytics and personalized marketing. By continuing to use the service, you agree to our use of cookies. - Privacy Policy
Protected by WebARX