Targeted Phishing Against GoDaddy Customers

1 minute read

I do get a lot of phishing emails, we all do, but as security professionals we tend to recognize them immediately. Either the syntax is wrong, or it’s missing a name. When you get them from a bank you don’t even deal with that’s a pretty good clue.

However, when the phishing is well done and targeted, the game changes. Today, I received one that was well targeted. It uses my email registered at GoDaddy and my real name. And their guess that I have too many folders is a good one as I do have many test and demo sites.

If this wasn’t bad enough, our users are also reporting that they are receiving similar targeted emails. The emails are all very well written and warn the user about a large number of directories being used on their sites and a possible suspension of their account. This is what the email looks like:

godaddy-phishing

We heard reports of this type of targeted phishing a few months ago, but it seems to be picking up steam lately. Webmasters have to be extra careful not to be fooled by this. This is the full copy of the email:

Dear Valued GoDaddy Customer RealName.

Your account contains more than 5271 directories and may pose a potential performance risk to the server. Please reduce the number of directories for your account to prevent possible account deactivation.

In order to prevent your account from being locked out we recommend that you create special directory.

Or use the link below:

https://mya.godaddy.com/tmp.aspx?doit=6123455

However, when clicked (or moused over), the link actually redirects to a secondary phishing page located at httx://texlavka.ru/includes/data/ourrueatqz.htm asking for your GoDaddy user and password:

godaddy-phishing-page

Are you a GoDaddy customer? Did you receive a similar email with your real name? If you ever need to login to your hosting provider, make sure you go straight to it and do not follow email links.

Spotlight on Women in Cybersecurity

less than 1 minute read

Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...

Hacked Website Trend Report – 2018

less than 1 minute read

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...