Beware of New Phishing Scam

Dear all,

It has been brought to our attention that a new type of phishing scam is being sent via email that is trying to trick website owners into giving away their cPanel login credentials. The email claims that there is a problem with the MySQL server, and pretends to be sent from "CPanel Network Server Monitor". The text in the email instructs the user to click on a link in the email to solve the problem, which leads to a fraudulent phishing site and not the legitimate cPanel login interface. The page looks like the normal cPanel login page, but at deeper inspection you will notice the URL points to a foreign IP address, and also it does not have a valid SSL certificate.

This email is FAKE and please DO NOT click on the link in the email!

If you have already received this email and entered your cPanel login credentials, please immediately reset your cPanel password as your account may have been compromised.

Our servers do not send out such warnings, and our cPanel login url will always be on the format:

https://<servername>:2083
https://<servername>/cpanel
https://yourdomain.com:2083
https://yourdomain.com/cpanel

Content of email

The email will look similar to this:

From: "CPanel Network Server Monitor"
To: mailbox@yourdomain.com
Subject: Fatal ERROR! Data lost risk!

Message from CPanel Network Server Monitor, 10/16/2013 02:03:00:

Item:
DRIVER=MYSQL Server; MYSQL

Result:
Fatal ERROR! Data lost risk!

Explanation:
ERROR: Opening connection to database, ADO error: Unspecified error MYSQL Server does not exist or access denied.

To resolve this issue, please, restart MySQL Server, using this URL:

http://xxxxx/cpanel/index.php?domain=yourdomain.com&reauth=xxx

If you have any questions regarding the above, please contact our support department.