Phishing refers to e-mails (or more rarely, text messages or calls) that attempt, for example, to steal user data and passwords or plant computer viruses or trojans on a computer.
Phishing e-mails can contain fake invoices or tempting offers. They often urge recipients to act immediately to get them to fill in a fake form, click on a link to a fake website or open an infected e-mail attachment.
How to recognize a phishing attack
Check the sender
- Don’t let yourself be pressured. Shocking or urgent-sounding subject lines are intended to spur you to act. Ask yourself: would the sender communicate with me in this way? Does this really seem right? If you’re unsure, log in to the Hostpoint Control Panel directly with your Hostpoint ID. You would be able to see any payment reminders directed at you there.
- Check the sender of the e-mail. Does the URL after the “@” match the sender’s name? Is it spelled correctly, letter for letter? Do you know the sender and have you received other e-mails from them? Are there any discrepancies or does anything unusual stand out?
- If the e-mail was sent at an odd time, this can also be a sign of a phishing attempt.
Subject: Domain loss within 24 hours
From: Hostpoint AG ( hostpoint@unlimited-buz.li)
To: michi.hochberger@hochberger.ch
Date: Wednesday, July 12, 2020 04:23 am
Check the contents
- The salutation in phishing e-mails is often very general and impersonal. Ask yourself: doesn’t the sender usually address me by my name?
- Like the subject line, the body of the e-mail often pressures the recipient to act without thinking it through. Ask yourself: is what I’m being asked to do credible? Does it make sense? Is this how the sender in question usually communicates with me? Can you verify the request independently of the e-mail (for example, by checking the Hostpoint Control Panel)?
Take note of the spelling as well: Swiss companies and major international firms normally don’t make spelling or syntax mistakes. - Hyperlinks: check before clicking! Check the spelling of the domain and do a “mouseover” (= hover; run your mouse over the link) to make sure that the link actually goes to the stated destination.
- Attachments: were you expecting this attachment from the sender? Do you actually need to open the attached file or are you just curious? Remember: attachments often have harmful contents. Also avoid opening compressed files (ZIP) that you weren’t expecting.
Dear valued customer,
A review of your paymets has shown that the amount for your domain has been outstanding for some time. If you do not transfer the outstanding amount 24 h we will deactivate your doman.
You can pay the outstanding invoic by clicking the following link:
https://www.hostpoint.ch/securepayment/admin
Best regards,
Hostpoint
Invoice.pdf
Info: Never act under pressure!
Don’t let yourself be pressured. A shocking or urgent-sounding subject line is intended to make you act without thinking. Pause for a moment and ask yourself: does Hostpoint ever communicate with me in this way and with this kind of content by e-mail? Does this make sense? If you’re unsure, log in to the Hostpoint Control Panel directly. Any payment reminders would be visible there.
Learn more about security on the internet with iBarry
iBarry is a SISA (Swiss Internet Security Alliance) platform. Hostpoint is a member of this alliance, which aims to make Switzerland’s internet the most secure in the world. Using preventative awareness campaigns, iBarry keeps the population up to date on important cybersecurity topics.
Report phishing e-mail or website
Do you suspect that you’ve received a phishing e-mail? Report suspected and obvious attempts at fraud to the following authorities and help protect yourself and others against further attacks:
Info: Phishing with a reference to Hostpoint
Have you received a phishing e-mail with a reference to Hostpoint? Let us know about such phishing attempts at the following e-mail address:
phishing-report@hostpoint.ch
We ask for your understanding that we cannot respond to the numerous reports we receive personally. During active waves of phishing, we often receive many messages from alert or concerned customers.
We are very grateful for your valuable information!
Info: Other phishing e-mails or websites
You can forward all other suspicious e-mails or sightings to the NCSC, the National Cyber Security Centre (formerly MELANI), as an attachment.
For support requests please use this form instead.
