cPanel Phishing Email Scam: Learn or get burned
cPanel users are being targeted by scammers. Here is information on how to spot these underhanded emails to keep your account safe.
What’s the scam?
cPanel clients are receiving official looking emails that ask them to sign into their cPanel account to accept new terms and conditions, security updates, account verification, or other concerns. However, the emails contain links to a fake cPanel login page and when you sign in you are actually giving your login information to criminals.
What to look for
As you can see, the email looks fairly official.
But there are a few things to look for:
Real emails from cPanel will never contain typos. For instance, you will notice that in the example cPanel is written as “CPanel”.
You can also inspect the link in the email which will often be a little off, e.g. cpanelcom.com or realcpanel.com. This same red flag may also appear in the email sender's address.
What should I do: always play it safe
Our clients should only ever log into their cPanel account through the WHC Client Area or the direct access cPanel link contained in the welcome email for their Canadian hosting, cloud, dedicated or reseller accounts. You can also enter the cPanel login link directly into your browser’s address bar. It will look like: www.yourdomain.com/cpanel (replace yourdomain.com with your actual domain name).
If you have trouble finding the welcome email, simply contact us by phone, email or chat and we will resend you the email. For security reasons we will not provide the information over the phone or chat and the welcome email can only be sent to the email address connected to the account.
If you believe you have received a phishing email you can report the issue to Google and Microsoft by providing them with the link. You can also reach out to our support team if you suspect foul-play and we can confirm whether the link or email is legitimate.
Keep an eye on your emails and stay safe!