We’ve been alerted that some HostPapa customers have received an email from someone pretending to be from HostPapa, asking them to renew their domain names, click a button, and fill out an online form to avoid their service being terminated. Although this document may look official, we highly recommend being very careful and checking with us first to confirm if it’s valid, as this could be a phishing email.
- Don’t click on any link within the email or input login details or payment information.
- Don’t download any attachments that go with the message. Attachments may contain malware such as viruses, ransomware, or spyware.
- Don’t reply to the sender. Please ignore any requests the sender may ask and do not call the phone numbers mentioned in the message.
- If you haven’t already done so, please change your passwords immediately. If you need help changing your password or configuring email client settings after password changes, please follow the instructions in the below articles:
- Gather the email header of the suspicious email following the instructions in the below article:
- Please forward the copy of the suspicious email (or a screenshot) along with the full header (important) to firstname.lastname@example.org so we can work on tracing the sender. Once you’ve done that, please report the sender and block them from the servers.
- We also suggest taking a quick look at your domain name status by checking the renewal date of your domain name within your HostPapa dashboard to confirm if it’s due for renewal or not:
- Log in to your HostPapa Dashboard.
- Go to the My Domains tab.
- Look for the domain name from the list, then click Manage on the right-hand side.
- From there, it will display the details of the domain name, such as the expiration date.
Note: If you’ve registered your domain name with HostPapa, you’ll never have to pay a separate company to renew that name.
- If you’re unsure if the message you received is legitimate, please feel free to contact us anytime. We’re open 24/7 via our official support channels:
- It’s highly recommended that you run malware/virus scans on your computer/devices from time to time.
- To avoid any attacks or unauthorized scripts (such as trojans) on your computer, as well as malware on your website, keep software programs, such as antivirus, up-to-date. You can do this by installing software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems and software offer automatic patches. Hackers are looking for ways to access your personal information and will attempt to get it through known vulnerabilities.
- Change your passwords regularly.
- Check the email address of the message’s sender by hovering your mouse cursor over the sender’s name and verifying that what appears matches the sender’s name. Malicious actors often “spoof” the return address, making it look like the message came from someone else.
- Avoid filling out forms that appear in emails or providing personal information through email, as security in email is low.
- Check whether the email was authenticated by the sending domain. Click on the ‘show details’ link in the right-hand corner of the email, and make sure the domain you see next to the ‘mailed-by’ or ‘signed-by’ lines matches the sender’s email address. If an email is being legitimately sent from HostPapa, it will come from a HostPapa domain name (for example, email@example.com) or HostPapa’s dedicated support domain firstname.lastname@example.org.
- If an email asks you to “click a link” to open your account, please be aware that this link might take you to a phishing site. If you’re not 100% comfortable with the source of the email or URL (web address) contained in the email, DO NOT click on the URL. Instead, open a new web browser and go directly to the website to access your account.
- Make sure the URL or website that’s provided in the email is correct, and click on any images and links to verify that you’re directed to the proper pages within the website.
- Always look for the “closed lock” icon in the status bar at the bottom of your browser window whenever you enter any private information, including your password. Ensure the URL is secure and starts with https:// before entering personal information. Double-click the padlock icon in the browser window frame. A security certificate will pop up. On the “General” tab of the certificate, verify that the domain and company name are what you expect.
- If you’re still uncertain, contact the organization from which the message appears to have been sent. Don’t use the reply address in the message since it can be forged. Instead, visit the official website of the company in question, and find a different contact address or phone number.
Phishing involves using emails and websites that impersonate the email and websites of organizations with which the target victim already has current dealings. The goal is to gather personal information to impersonate the target victim for unauthorized purposes.
The impersonating email (“phishing email” or “phish-mail”) lures target victims to an impersonating website (“phishing site” or “phish-site”). At the phishing site, target victims are asked to divulge confidential information, such as their account name or number, password, mailing address, birth date, credit card number, social security/insurance number, mother’s maiden name, and so on.
The information obtained may be used to impersonate the victim while committing fraud, identity theft, theft of services, spamming, corporate espionage, and other crimes.
Conventional phishing involves sending mass amounts of impersonal phishing emails. The small percentage of phishing email recipients who already deal with the organization being impersonated is the target victims.
Targeted phishing (“spear-phishing”) involves sending the target victims personalized emails. At the phishing site, the target may even be greeted by name.
Including a few personal details in a targeted phishing email and on the targeted phishing site greatly increases the likelihood that the target can be lured into divulging additional confidential information.
- Asking for personal information. The fraudsters may ask you to provide your username and password or other personal information (e.g. Social Security/insurance number, bank account number, PIN number, credit card number, mother’s maiden name, or birthday). Even if they appear to be from a legitimate source, or contain an official-looking webpage, be careful. Spammers often ask for this information in an attempt to steal your personal information, your money, your credit, or your identity.
- Different sender email addresses than the company name. A business will use a professional email address related to its company name, such as email@example.com. If the display name differs from the email address (ex. Hostpapa <firstname.lastname@example.org>), you can consider it a phishing email. Please also be observant of the spelling of the sender’s email address (ex., instead of @hostpapa.com, they can use @h0stpapa.com).
- Requesting to take urgent action or giving termination threats. Be suspicious of any “urgent” requests, such as “we will terminate your account,” “your account will be deleted if you do not provide us with this information,” or “take immediate action.”
- Generic greetings. If you have a service hosted with a company, they should know your name and start the email by mentioning it in the greetings. If they use generic openings such as “Dear Sir or Ma’am,” that’s a red flag.
- Misspellings and incorrect grammar. Professional companies will ensure that they provide high-quality content, so the email shouldn’t be grammatically incorrect or have incorrect spelling.
- First-time or unusual senders. If you received an email from someone you know who usually doesn’t often send an email or from another person for the first time, this might be a possible phishing scam, so please be very careful when opening it.
- Suspicious links, buttons, or unexpected attachments. If an email contains buttons or links asking you to click on it to make a payment or log in, please do not click on it.
Note: HostPapa only asks for and accepts payments made via the account holder’s dashboard.
If you need help with your HostPapa account, please open a support ticket from your dashboard.