The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fake cPanel MySql Server Warning Email

Discussion in 'Security' started by Drake, Aug 5, 2013.

  1. Drake

    Drake Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Hello folks,

    I don't know where this thread should go. Please move it if the Forum Admin wants to.

    Warning: I'm just looking out for any newbies well being. So don't hammer me if I'm too quick in ringing the fire alarm.

    Just in case this id a malicious email tricking a new cPanel / WHM user or company assistant, I'll call it a warning until I know otherwise.

    I have received 2 Fake cPanel Server Alert / Service Failure emails.

    The person sent them to the wrong email address so I knew something was fishy and I don't host the domain mentioned either.

    There is a hyperlink in there that attempts to look like a cPanel login or cPanel hook.

    Tell your "new employees" or "helpers" who wouldn't spot this as a fake because to them it looks almost like a real Server Warning email.


    If it is a malware link, I'm sure that non- cPanel server owners or users also received it.


    HERE IS ONE SAMPLE: (Source code included afterward)

    #####################

    [snipped]
     
    #1 Drake, Aug 5, 2013
    Last edited by a moderator: Aug 5, 2013
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,453
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hi Drake,

    Thanks for your concern and looking out for others. I've edited your post to remove the actual details, no need for them here.

    Please feel free to open a ticket to cPanel Customer Support for this sort of thing:
    Help | cPanel, Inc.

    The ticket system is best as they can track reports of this nature better, and take action as needed. These sorts of emails are not new, they have come up from time to time over the years.
     
  3. Drake

    Drake Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    New Jersey
    cPanel Access Level:
    DataCenter Provider
    Hi, Thanks for the concern about any info you would consider sensitive to our operation. However the only give-away's were the source code leading to one of the phishers. I had wanted any new cPanel users to know this is happening and not be taken for a ride. It's not just the tech-shop, data center or hosting operation who can receive these emails, but any cPanel machine hosted end user could be a potential target. Any of those end users who actually use their cPanel could include the owner of a garden center, automobile repair shop or accountant's office who have their domain on a cPanel server and aren't familiar with the titles and look of real cPanel alerts, warnings, or reports. These bogus emails targeting cPanel server domains, says nothing bad about cPanel. Nest week phisher or spammer might be targeting garden centers or automobile repair shops for one thing or another, regardless of what server control software is in use.

    Simply put, it's important for email recipients to know what they are receiving, then act on it accordingly.

    We've printed a bogus warning email to a PDF and tossed it on a server. People may view it if they decide or not if they don't care.


    All my best.
    Regards,
    Drake Pallister
     
  4. inthukha

    inthukha Well-Known Member

    Joined:
    Jul 17, 2013
    Messages:
    61
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Hello,

    This types of emails are received in millions numbers to many users. its just a new spam technique to promoting illegal or blacklisted or virus infected websites. in future, you may receive emails regarding Paypal account, Lottery win etc. so just ignore this emails nothing worry.
     
Loading...

Share This Page