{"id":49741,"date":"2018-06-26T13:23:50","date_gmt":"2018-06-26T18:23:50","guid":{"rendered":"https:\/\/blog.cpanel.com\/?p=49741"},"modified":"2018-06-26T13:23:50","modified_gmt":"2018-06-26T18:23:50","slug":"how-to-spot-a-phishing-email","status":"publish","type":"post","link":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/","title":{"rendered":"How to Spot a Phishing Email"},"content":{"rendered":"<p>A new well-designed phishing email has been aimed at cPanel users recently, and we want to help all of our users stay safe.<\/p>\n<h2>What is Phishing?<\/h2>\n<p>Phishing, by definition, is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Phishing emails can be sent to any email address. The most effective phishing emails make use of e-mail spoofing, where the &#8216;from&#8217; address that your mail clients display seems to be valid. These emails will include a link that directs users to enter details at a fake website. This fake website will have the same look-and-feel as the legitimate one and are often nearly identical to the real one.<\/p>\n<h2>How Phishing Emails Affect cPanel Users<\/h2>\n<p>With cPanel &amp; WHM powering more than 1\/3 the websites on the internet, cPanel users are some of the easiest targets out there. We take steps to help end users more easily weed out some of the obvious offenders by using strict SPF records, but that doesn&#8217;t prevent all attacks. Education, reporting, and mitigation is key to preventing the effectiveness of these attacks.<\/p>\n<h2>What to do if you get a Phishing Email<\/h2>\n<p>The first step if you think you&#8217;ve received a phishing email is to confirm it.<\/p>\n<ul>\n<li>check the full email headers for the &#8216;Sender&#8217; address\n<ul>\n<li>Namecheap has a solid article on\u00a0<a href=\"https:\/\/www.namecheap.com\/support\/knowledgebase\/article.aspx\/858\/2194\/how-to-get-email-headers\">how to find headers in different email applications<\/a><\/li>\n<li>These headers include all kinds of information, so don&#8217;t worry if not all of it makes sense.<\/li>\n<\/ul>\n<\/li>\n<li>check for links, logos, typos included in the email\n<ul>\n<li>Typos, misspellings, and incorrect capitalization (e.g., CPanel or Cpanel, vs. the correct cPanel) are red flags<\/li>\n<li>URLs or names that aren&#8217;t quite right (e.g., cpanelcom.com therealcpanel.com) are red flags<\/li>\n<\/ul>\n<\/li>\n<li>report the email and the URL\n<ul>\n<li>Report the URL to\u00a0<a href=\"http:\/\/www.google.com\/safebrowsing\/report_phish\/\">http:\/\/www.google.com\/safebrowsing\/report_phish\/<\/a>\n<ul>\n<li>Reporting will block the URL in Chrome, Firefox, Android, iPhone, Google, and more<\/li>\n<\/ul>\n<\/li>\n<li>Report the URL to\u00a0<a href=\"https:\/\/www.microsoft.com\/en-us\/wdsi\/support\/report-unsafe-site\">https:\/\/www.microsoft.com\/en-us\/wdsi\/support\/report-unsafe-site<\/a>\n<ul>\n<li>Reporting\u00a0will block the URL in Edge, Office 365, and Internet Explorer<\/li>\n<\/ul>\n<\/li>\n<li>Forward the email, including the full headers, to\u00a0<a href=\"mailto:reportphishing@apwg.org\">reportphishing@apwg.org<\/a><\/li>\n<li>There are a\u00a0<a href=\"https:\/\/decentsecurity.com\/#\/malware-web-and-phishing-investigation\/\">ton more steps<\/a>\u00a0you can take to help prevent this from impacting anyone else<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>What do they look like?<\/h2>\n<p>An example of a very well designed phishing email is below.<\/p>\n<p><a href=\"https:\/\/blog.cpanel.com\/wp-content\/uploads\/2018\/06\/gdpr_phishing_email.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter\" src=\"https:\/\/blog.cpanel.com\/wp-content\/uploads\/2018\/06\/gdpr_phishing_email.png\" width=\"591\" height=\"378\" \/><\/a><\/p>\n<p>Notice that the content has very few typos, but the &#8216;from&#8217; address has an incorrectly capitalized &#8216;CPanel.&#8217; If you were to click on the &#8216;Accept the new terms&#8217; button, you would be taken to a legitimate-looking form that appeared to be a cPanel login page, but the URL didn&#8217;t have cPanel anywhere it in.<\/p>\n<h2>Oh, no! I put my credentials in there!<\/h2>\n<p>If you fell for the trick (as so many of us have), the first step is to change the password for the impacted account. If you have used that password anywhere else, change your password there, too. Then make a plan to sign up for a password manager and start making unique passwords for each account you have.<\/p>\n<h1>Lets recap<\/h1>\n<p>Phishing attacks&#8230;<\/p>\n<ul>\n<li>often display spoofed email addresses, to trick receivers into believing they are coming from legitimate users<\/li>\n<li>will send users to a site that has a legitimate design, and ask for a user&#8217;s legitimate login, password, other personal details<\/li>\n<li>need to be reported to help reduce their reach<\/li>\n<\/ul>\n<p>If you spot a phishing email, report it! If you spot a phishing email that claims to be from cPanel or sends you to a cPanel login page, report it and then send that email to\u00a0<a href=\"mailto:cs@cpanel.net\">cs@cpanel.net<\/a>\u00a0with the full headers. That way we can track it them as well.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A new well-designed phishing email has been aimed at cPanel users recently, and we want to help all of our users stay safe. What is Phishing? Phishing, by definition, is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity [&hellip;]<\/p>\n","protected":false},"author":77,"featured_media":64981,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[49],"tags":[2101,2105,2109],"class_list":["post-49741","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","tag-gdpr-email","tag-how-to-spot-a-fishing-email","tag-phishing"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>How to Spot a Phishing Email | cPanel<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Spot a Phishing Email | cPanel\" \/>\n<meta property=\"og:description\" content=\"A new well-designed phishing email has been aimed at cPanel users recently, and we want to help all of our users stay safe. What is Phishing? Phishing, by definition, is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/\" \/>\n<meta property=\"og:site_name\" content=\"cPanel\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cpanel\/\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-26T18:23:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/devel.www.cpanel.net\/wp-content\/uploads\/2018\/06\/2018.06.22.phishing.png\" \/>\n\t<meta property=\"og:image:width\" content=\"3858\" \/>\n\t<meta property=\"og:image:height\" content=\"1527\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"cPanel Community\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@cPanel\" \/>\n<meta name=\"twitter:site\" content=\"@cPanel\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"cPanel Community\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/\",\"url\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/\",\"name\":\"How to Spot a Phishing Email | cPanel\",\"isPartOf\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/#website\"},\"datePublished\":\"2018-06-26T18:23:50+00:00\",\"dateModified\":\"2018-06-26T18:23:50+00:00\",\"author\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8\"},\"breadcrumb\":{\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/devel.www.cpanel.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Spot a Phishing Email\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#website\",\"url\":\"https:\/\/devel.www.cpanel.net\/\",\"name\":\"cPanel\",\"description\":\"Hosting Platform of Choices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/devel.www.cpanel.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8\",\"name\":\"cPanel Community\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g\",\"caption\":\"cPanel Community\"},\"description\":\"The web hosting industry's most reliable management solution since 1997. With our first-class support and rich feature set, it's easy to see why our customers and partners make cPanel &amp; WHM their hosting platform of choice. For more information, visit cPanel.net.\",\"sameAs\":[\"https:\/\/cpanel.net\"],\"url\":\"https:\/\/devel.www.cpanel.net\/blog\/author\/cpadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Spot a Phishing Email | cPanel","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/","og_locale":"en_US","og_type":"article","og_title":"How to Spot a Phishing Email | cPanel","og_description":"A new well-designed phishing email has been aimed at cPanel users recently, and we want to help all of our users stay safe. What is Phishing? Phishing, by definition, is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity [&hellip;]","og_url":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/","og_site_name":"cPanel","article_publisher":"https:\/\/www.facebook.com\/cpanel\/","article_published_time":"2018-06-26T18:23:50+00:00","og_image":[{"width":3858,"height":1527,"url":"https:\/\/devel.www.cpanel.net\/wp-content\/uploads\/2018\/06\/2018.06.22.phishing.png","type":"image\/png"}],"author":"cPanel Community","twitter_card":"summary_large_image","twitter_creator":"@cPanel","twitter_site":"@cPanel","twitter_misc":{"Written by":"cPanel Community","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/","url":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/","name":"How to Spot a Phishing Email | cPanel","isPartOf":{"@id":"https:\/\/devel.www.cpanel.net\/#website"},"datePublished":"2018-06-26T18:23:50+00:00","dateModified":"2018-06-26T18:23:50+00:00","author":{"@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8"},"breadcrumb":{"@id":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/devel.www.cpanel.net\/blog\/products\/how-to-spot-a-phishing-email\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/devel.www.cpanel.net\/"},{"@type":"ListItem","position":2,"name":"How to Spot a Phishing Email"}]},{"@type":"WebSite","@id":"https:\/\/devel.www.cpanel.net\/#website","url":"https:\/\/devel.www.cpanel.net\/","name":"cPanel","description":"Hosting Platform of Choices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/devel.www.cpanel.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/8cf97408aad4fb70cf55d11a1d4f57f8","name":"cPanel Community","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/devel.www.cpanel.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e1949945083b5526bb95711bd3d616b3?s=96&d=mm&r=g","caption":"cPanel Community"},"description":"The web hosting industry's most reliable management solution since 1997. With our first-class support and rich feature set, it's easy to see why our customers and partners make cPanel &amp; WHM their hosting platform of choice. For more information, visit cPanel.net.","sameAs":["https:\/\/cpanel.net"],"url":"https:\/\/devel.www.cpanel.net\/blog\/author\/cpadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts\/49741"}],"collection":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/users\/77"}],"replies":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/comments?post=49741"}],"version-history":[{"count":0,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/posts\/49741\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/media\/64981"}],"wp:attachment":[{"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/media?parent=49741"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/categories?post=49741"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devel.www.cpanel.net\/wp-json\/wp\/v2\/tags?post=49741"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}