Security is a big thing for us. We do what we can to protect our customers, but at the end of the day, your security is your responsibility. We’ve been made aware that another round of cPanel phishing attempts is happening. It’s also National Information Security Awareness Month, so what great timing to help you secure your digital life!
Identifying phishing emails
Phishing is when someone sends an email that looks legitimate, but it’s actually not from who it says it is and it’s trying to get you to do something – install malware, type in a username and password, etc. They can be a bit tricky sometimes. Like, look at this one:
It looks pretty legitimate, right? Well there are a few red flags. First off, notice the bad grammar. Second, look at the date the email was generated. It’s October. Why would the system generate an alert for March?
When we hover over the link, we see things get sketchy real quick. We’ve enlarged the URL to make it easier to read. That’s not our server. This a link you don’t want to click!
Steps to protect yourself
We offer a type of security called Two-Factor Authentication (2FA) or also commonly called Multi-Factor Authentication (MFA). This is a type of authentication that requires your username, password, and something else to login. That something else can be a time-based token (one of those 6 digit numbers that changes every 30 seconds), or a Yubikey which is a piece of hardware that looks like a flash drive that you insert into your computer’s USB drive and push.
If you don’t already have 2FA setup on your My NodeSpace account, we recommend you do that. You can read our KB on how to set that up. Additionally, you can add 2FA to your cPanel login. Here’s how to set that up.
Oh, and if you feel like your passwords might be compromised, contact support ASAP. We’ll help you change your passwords.