Knowledge Base

Phishing Mail received: <example.com> Attention! No disk space(quota) left

 
anti spamphpurlupdatestechnical questions

Situation

  • Phishing Mail received:

    <example.com> Attention! No disk space(quota) left

  • Base URL is not the Hostname of the hosting server nor the domain of the user:

    https://PhishingDomain.com/login_up.php?success_redirect_url=https://www.example.com:8443

  • URLs on the mail redirect to webhostplesk.com

Impact

External Phishing attack, trying to steal server/user credentials

Check PFSI-62906 for updates

Call to Action

  1. Report Phishing to the domain registrar and email server provider, this can be checked over WHOIS, as an example:

    Main domain:

    # whois webhostplesk.com | grep -i Abuse
    Registrar Abuse Contact Email: [email protected]

    Do the same for the hacked domains that redirect to the main one:

    # whois PhishingDomain.com | grep -i Abuse
    Registrar Abuse Contact Email: [email protected]

    Report IP of the server that send the mail:

    # whois 203.0.113.2 | grep -i Abuse
    % Abuse contact for ‘203.0.113.0 – 203.0.113.255’ is ‘[email protected]

  2. Do not click or use the links in these mails nor fill in any information there

  3. Use anti-spam measures How to protect a Plesk server from incoming spam and viruses

Read the full article
Related Posts
Knowledge Base

Hosting Wiki

Industry
Partners

industry-partner_ALIBABA
industry-partner_GOOGLEPARTNER
industry-partner_MICROSOFT
industry-partner_REDHAT-r2
industry-partner_ALIBABA
industry-partner_AUTOMATTIC
industry-partner_AWS
industry-partner_DIGITALOCEAN
industry-partner_SCALEWAY

Follow us:

Facebook Twitter Linkedin Youtube Github

© 2022 Plesk International GmbH. All rights reserved. Plesk and the Plesk logo are trademarks of Plesk International GmbH.

Managed with 💙  with Plesk WP Toolkit
Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt