Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.
On Thursday, September 7th a group of scammers sent emails phishing for CloudFlare credentials. The email appears to come from “Cloudflare Abuse Department”, but you will see that the email did not actually come from Cloudflare. It came from a freshdesk email account which is not associated with Cloudflare.
The email also contains a link to lead the recipient to review the complaint and takes them to https://cloudflarecompliancedept.site/support/.
The site looks like the Official Cloudflare login page and even has an SSL certificate that appears to be valid. Upon investigation, the SSL certificate is a free certificate that can be obtained easily.
You can even find the fake freshdesk login page by visiting https://cloudflareabuse.freshdesk.com/support/home
This phishing attempt was very well thought out, all the way down to the smallest detail. To the average person opening their emails, it would be very difficult to identify this as malicious.
While the malicious email looked completely legit, there was one key giveaway: The mail was sent from a domain that is not associated with Cloudflare.
If you received an email from firstname.lastname@example.org, report it as phishing by notifying your email provider. Then delete it.
If you do click on the malicious link, do not attempt to log into the account.
If, unfortunately, you fell for the scam and granted permission to the hackers, get in touch with CloudFlare directly. While you’re at it, it’s a good idea to change your passwords.
Here is the official Cloudflare link to visit if you encounter the scam:
Rest assured that the eBoundHost JetRails eCommerce Team is actively working with Cloudflare on this discovery. As of 12:54 PM CST, it appears that the malicious domain was taken down. That does not mean the original attacker is not still active. Please take caution with any emails and access points and reach out to the JetRails team with any questions or concerns: 888-554-9990 or email@example.com
I'm Stan Bogdashin, a customer of your hosting company for the past 2 years. Our company provides web design, development and Search Engine Optimization (SEO) services. Want to thank you for helping us by providing great hosting seamless support - this is why I continue to recommend you and don't use anyone else for hosting!
EXCELLENT across the board, super quick reply to questions (about 15-30min). Outstanding! Loads of features, excellent price! Loads of space and bandwidth!
I have been a customer since December of 2001, and the service has been nothing less than excellent. I would recommend eBoundHost highly.
Every time I call with a problem or question, Everyone, especially Denis has always stepped up to the occasion. As usual he solved yet another problem I had. You have a superlative customer service. It doesn't get any better. Keep it up guys.
Over the years, I've dealt with many companies. None come close to equaling the service and price offered by eBoundHost.
I came to eBoundHost after a very bad experience with a so called "big boy" - you know one of those places you are only a number. I have been a satisfied customer for more than 4 years now. The support is second to none.
I waited to write a review until I had absolutely everything working, thinking that something would come up that eboundhost couldn't solve almost immediately. I've never been so happy to be wrong - their customer support is just incredible.
Cost, technical support and promptness of return calls are of paramount importance to me since most of my work is done on the road and waiting for a reply is frustrating. eBoundHost has been a pleasure to work with friendly, courteous and professional.
eBoundHost.com has the best customer service in ANY industry. Their support staff answers phone calls and emails immediately and they have time and time again gone over and above their responsibilities to make sure I am taken care of and that my clients are happy. I have many websites hosted here from small business to corporate level and have dealt with many hosting companies in the industry and eBoundHost.com is by far the BEST hosting provider there is. Great prices, great service, great hosting packages, and a killer reseller program! THANK YOU AGAIN :)
SUPER SUPPORT - even during "off hours" - Sundays & holidays. Responses have always been within minutes of the initial call or email. The BEST vendor I have ever used in my 10 plus years as a webhosting services consumer.
Fast, reliable, full of features... Over the years, I have used more than a dozen hosts, both the big ones and smaller ones; eBoundHost.com is by far my favorite.
Reliability and customer service that is rare and refreshing. We have been using eBoundHost for several years and unlike many companies who's service wanes over the years, the staff at eBound has consistently delivered top notch performance. Bravo!
eBoundHost.com has been a dream to work with. My questions are answered in minutes, the price is very reasonable, the interface is great, I am very happy with how smooth everything works.
1) Their technical support people are always available to help with questions. 2)Server and network speed excellent. 3)Everything works great. 4)I highly recommend them!!!Thank you.