I received an interesting email earlier today from the PinoyBlogosphere mailing list. It was from a blogger named Louie and it was about an email he supposedly received from his hosting provider BlueHost asking him to update his account to avoid suspension. As soon as I saw the subject of the email, I knew it was something phishy. Here’s the email:
During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your account information.
Please update and verify your information by clicking the link below:
If your account information is not updated within 48 hours then your ability to access your account will become restricted.
Â© 2003-2009 BlueHost.Com. All Rights Reserved
Designated trademarks and brands are the property of their respective owners.
When I hovered my mouse of the link http://www.bluehost.com, the URL it was pointing to was not Bluehost’s URL but instead a domain with a ru extension – http://www.uralitel.ru//img/bluehost.htm. My suspicions were correct, this was a phishing email trying to get BlueHost customers to login to this phishing site and provide their login details. Phishers usually use scare tactics to trick potential victims. In this particular email, they try to scare the user with the subject line “Update Your Account To Avoid Suspension”.
Below are screenshots of the original Bluehost website and the bogus phishing site.
The phishing site seems to have some issues with the images but as you can see, it was designed to look exactly the same as the real BlueHost website to fool potential victims and make them think they’re really logging in to BlueHost.
If you’re currently a BlueHost customer, be careful of this certain email. I’m sure Louie is not the only BlueHost client who received or will be receiving this email. Phishing emails are very common nowadays and I receive a lot of them supposedly from PayPal, Amazon, eBay, etc and turn out to be a phishing email.
As a safe practice, in case you receive an email from your hosting provider or any site that asks you to update your account details or login via a link on the email, DO NOT click on the URL/link provided in the email. Instead, open your browser and type in the URL yourself and login from there. Its always good to practice safe computing and always better to be safe than sorry. Btw, in case you accidentally logged in to the phishing site with your account details, inform the legit site about it and if possible, ask them to change all your account details, especially the username and password to avoid your account being compromised.
I’m blogging about this to spread awareness regarding this type of phishing emails and so that BlueHost clients and other hosting provider’s clients would be more careful when dealing with these types of emails.
Anyone who’s on BlueHost and have received this email recently? Were you able to detect that it was a phishing email?
[image credit: Stephanie Creelman]