Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.
On Thursday, September 7th a group of scammers sent emails phishing for CloudFlare credentials. The email appears to come from “Cloudflare Abuse Department”, but you will see that the email did not actually come from Cloudflare. It came from a freshdesk email account which is not associated with Cloudflare.
The email also contains a link to lead the recipient to review the complaint and takes them to https://cloudflarecompliancedept.site/support/.
The site looks like the Official Cloudflare login page and even has an SSL certificate that appears to be valid. Upon investigation, the SSL certificate is a free certificate that can be obtained easily.
You can even find the fake freshdesk login page by visiting https://cloudflareabuse.freshdesk.com/support/home
This phishing attempt was very well thought out, all the way down to the smallest detail. To the average person opening their emails, it would be very difficult to identify this as malicious.
While the malicious email looked completely legit, there was one key giveaway: The mail was sent from a domain that is not associated with Cloudflare.
If you received an email from firstname.lastname@example.org, report it as phishing by notifying your email provider. Then delete it.
If you do click on the malicious link, do not attempt to log into the account.
If, unfortunately, you fell for the scam and granted permission to the hackers, get in touch with CloudFlare directly. While you’re at it, it’s a good idea to change your passwords.
Here is the official Cloudflare link to visit if you encounter the scam:
Rest assured that the eBoundHost JetRails eCommerce Team is actively working with Cloudflare on this discovery. As of 12:54 PM CST, it appears that the malicious domain was taken down. That does not mean the original attacker is not still active. Please take caution with any emails and access points and reach out to the JetRails team with any questions or concerns: 888-554-9990 or email@example.com
From using your hosting services for dozens of web clients and appreciating your wonderful customer service (all the while enjoying spending my meaty affiliate checks), I look forward to growing with you and watching you evolve surely and steadily into a powerhouse of a force to be reckoned with for your competitors. In an overcrowded abyss of hosting providers it is an absolute MUST to stand out above the crowd if you want to claim your stake and play with the big boys. Period. All I can say is this...Look Out World - GAME ON!!!
I have been a customer since December of 2001, and the service has been nothing less than excellent. I would recommend eBoundHost highly.
SUPER SUPPORT - even during "off hours" - Sundays & holidays. Responses have always been within minutes of the initial call or email. The BEST vendor I have ever used in my 10 plus years as a webhosting services consumer.
eBoundHost.com has been a dream to work with. My questions are answered in minutes, the price is very reasonable, the interface is great, I am very happy with how smooth everything works.
I waited to write a review until I had absolutely everything working, thinking that something would come up that eboundhost couldn't solve almost immediately. I've never been so happy to be wrong - their customer support is just incredible.
eBoundHost provides the very best service I've experienced in hosting. It takes less than 24h to get an answer to any question. They're great.
Every time I have contacted my host provider. They have responded with speed, courtesy and accuracy they are professional and a joy to work with.
I'm Stan Bogdashin, a customer of your hosting company for the past 2 years. Our company provides web design, development and Search Engine Optimization (SEO) services. Want to thank you for helping us by providing great hosting seamless support - this is why I continue to recommend you and don't use anyone else for hosting!
Great customer service. After looking around for a while we signed up with eBoundHost. And I can assure you that we made right decision. Customer service is so good that I don't have words to explain. I would recommend this service to everyone.
Fast, reliable, full of features... Over the years, I have used more than a dozen hosts, both the big ones and smaller ones; eBoundHost.com is by far my favorite.
I have worked with many hosting companies over the course of my years in the website building and design business. I can say with certainty that eBoundHost.com is among the elite companies. I would and have recommended them to anyone.
I came to eBoundHost after a very bad experience with a so called "big boy" - you know one of those places you are only a number. I have been a satisfied customer for more than 4 years now. The support is second to none.
EXCELLENT across the board, super quick reply to questions (about 15-30min). Outstanding! Loads of features, excellent price! Loads of space and bandwidth!
Every time I call with a problem or question, Everyone, especially Denis has always stepped up to the occasion. As usual he solved yet another problem I had. You have a superlative customer service. It doesn't get any better. Keep it up guys.