A new phishing scam targets the customers of many hosting services. Under the pretext of a system maintenance, the emails are linked to phishing pages which try to collect login information. The emails tell the user, that due to maintenance activities, all FTP data must be updated. Those who take the bait are led to a website formatted to look like a page from cPanel, the widely used website administration program.
The attack is apparently meant to harvest FTP logins for webmasters. Once the logins have been collected, the accounts are then accessed and the sites used to host phishing pages targeting users of online banking sites and other financial services.
Over 90 popular shared Web hosting services have been abused through these automatically generated emails. The message is identical in all of them, but the named company differs.
If you are a webmaster and have received one of these emails, please be sure to contact your hosting provider to reset your passwords immediately. Never give your password or login to a page you don’t recognize. Also, this might be a good time to change passwords and choose some strong ones. Here is a good password generator that will ensure your password is strong.