
Phishing

Security
Definition

Phishing is a social engineering attack in which an attacker impersonates a trusted sender to trick people into revealing passwords, payment details, or other sensitive data, or into installing malware. It commonly uses email, SMS, chat, or fake login pages that mimic real services. In web hosting, phishing most often targets control panel logins, email accounts, and domain registrar credentials, because any one of them is enough to hijack a site or redirect its traffic.

How It Works

Phishing typically starts with a message that creates urgency or borrows trust, such as an account warning, an invoice, a delivery notice, or a support request. The message carries a link to a lookalike website or an attachment. The fake site is built to capture credentials (for example, a hosting control panel login) and often forwards the victim to the real site afterwards so nothing looks wrong; attachments may deliver malware that steals saved passwords or session cookies, which lets the attacker skip the login step entirely.

Attackers improve their success rate with spoofed sender addresses, compromised email accounts, and domains that resemble legitimate ones (typosquatting, such as a digit 1 in place of a lowercase l, or the brand name with an extra word like "-support" appended). More targeted variants, such as spear phishing, use personal or company details to appear credible. Once credentials are captured, attackers may log in, change DNS records, create new admin users, set up email forwarding rules to keep reading the victim's mail, or deploy malicious code to the website.
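The indicators described above (a display name that borrows a brand while the sending domain is a lookalike, a Reply-To that diverts replies elsewhere, link text that shows one domain while the href points to another, and urgency language) can be checked mechanically. The following is an added example written for this page, not code from HostPedia or any hosting provider; the legitimate domain list, the brand names derived from it, and the sample message are all constructed, and the registrable-domain logic is deliberately naive (it takes the last two labels rather than consulting the Public Suffix List).

```python
import re
from urllib.parse import urlparse

# Domains the organization legitimately sends from and links to.
# Constructed for this example (assumption), not real infrastructure.
LEGIT_DOMAINS = {"example-host.com", "examplehost.net"}

# Pressure phrases commonly seen in lures; extend for your own environment.
URGENCY_WORDS = ("suspended", "immediately", "within 24 hours",
                 "verify your account", "unusual sign-in")

ANCHOR_RE = re.compile(r'<a\s+[^>]*?href=["\']([^"\']+)["\'][^>]*>(.*?)</a>', re.I | re.S)
URL_RE = re.compile(r'https?://[^\s<>"\']+', re.I)
ADDR_RE = re.compile(r'<?([^<>\s]+@[^<>\s]+)>?\s*$')


def levenshtein(a, b):
    """Edit distance; a distance of 1-2 from a brand domain is a classic typosquat."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_domain(host):
    """Naive 'last two labels'; production code should use the Public Suffix List."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def domain_of(addr):
    """Registrable domain of the address in a From:/Reply-To: header value."""
    m = ADDR_RE.search(addr)
    return registrable_domain(m.group(1).rsplit("@", 1)[1]) if m else ""


def lookalike_of(host):
    """Return the legitimate domain this host imitates, or None if it is genuine or unrelated."""
    dom = registrable_domain(host)
    if dom in LEGIT_DOMAINS:
        return None
    for legit in sorted(LEGIT_DOMAINS):
        brand = legit.split(".")[0].replace("-", "")
        if levenshtein(dom, legit) <= 2 or brand in dom.replace("-", ""):
            return legit
    return None


def analyze_email(msg):
    """msg: dict with 'from', optional 'reply_to', and 'html'. Returns a list of findings."""
    findings = []
    from_dom = domain_of(msg["from"])

    # 1. Display name carries the brand, but the actual sending domain is not ours.
    brands = {d.split(".")[0].replace("-", "") for d in LEGIT_DOMAINS}
    display = re.sub(r"[^a-z0-9]", "", msg["from"].split("<")[0].lower())
    if any(b in display for b in brands) and from_dom not in LEGIT_DOMAINS:
        findings.append(f"display name impersonates brand but sender domain is {from_dom}")

    # 2. Reply-To silently routes replies to a different domain.
    reply_dom = domain_of(msg.get("reply_to", ""))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"reply-to domain {reply_dom} differs from sender domain {from_dom}")

    # 3. Links: lookalike hosts, and visible URL text that disagrees with the real href.
    for href, text in ANCHOR_RE.findall(msg["html"]):
        href_host = urlparse(href).hostname or ""
        legit = lookalike_of(href_host)
        if legit:
            findings.append(f"link host {href_host} resembles {legit}")
        for shown in URL_RE.findall(text):
            shown_host = urlparse(shown).hostname or ""
            if registrable_domain(shown_host) != registrable_domain(href_host):
                findings.append(f"link text shows {shown_host} but points to {href_host}")

    # 4. Pressure language typical of lures.
    body_text = re.sub(r"<[^>]+>", " ", msg["html"]).lower()
    hits = [w for w in URGENCY_WORDS if w in body_text]
    if hits:
        findings.append("urgency cues: " + ", ".join(hits))
    return findings


# Constructed sample lure (assumption): digit 1 for l in the sender domain,
# a foreign Reply-To, and a link whose text shows the real domain.
SAMPLE_LURE = {
    "from": '"ExampleHost Support" <support@examp1e-host.com>',
    "reply_to": "billing@secure-mail-reset.com",
    "html": (
        "<p>Your hosting account will be <b>suspended</b> unless you verify your "
        "account within 24 hours.</p>"
        '<p><a href="http://examp1e-host.com/cpanel/login">'
        "https://example-host.com/cpanel</a></p>"
    ),
}

if __name__ == "__main__":
    for f in analyze_email(SAMPLE_LURE):
        print("-", f)
```

Run as a script it prints the five findings for the constructed lure; a message from the genuine domain with a plainly labelled link produces none. None of the four checks is proof on its own (marketing mail legitimately uses Reply-To, and urgency words appear in real notices), so treat the output as triage signals for a mail gateway or SOC playbook rather than a block/allow decision.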

Why It Matters for Web Hosting

Phishing is a leading cause of account takeover, which can quickly turn into website defacement, data theft, spam sending, or SEO poisoning. When comparing hosting plans, evaluate how well the provider limits the damage a successful phish can do: strong account security (2FA, ideally phishing-resistant FIDO2/WebAuthn keys or passkeys, plus login alerts and IP allowlisting), support for publishing SPF, DKIM, and DMARC records for your domains, malware scanning, backups that an attacker with panel access cannot delete, and a clear, tested recovery process for compromised accounts and domains.

Common Use Cases

  • Stealing hosting control panel or WordPress admin credentials to upload backdoors
  • Hijacking domain registrar access to change DNS and redirect visitors to scam pages
  • Compromising business email to send fraudulent invoices or reset-password requests
  • Capturing FTP/SFTP or database credentials to exfiltrate site data
  • Tricking staff into approving access requests in collaboration tools or support tickets

Phishing vs Spoofing

Phishing is the broader scam that aims to extract information or trigger an action (logging in, paying an invoice, installing software). Spoofing is a technique used within many phishing campaigns, where an attacker falsifies an identity signal such as an email sender, caller ID, or a domain name. In hosting, SPF, DKIM, and DMARC published for your own domain let receiving mail servers reject messages that forge your domain in the From: header; they do nothing about phishing that arrives from a lookalike domain the attacker legitimately owns, and they do not filter the mail your own users receive. Verifying the destination before entering credentials and enforcing MFA are therefore still needed to prevent phishing-driven logins, and the MFA should be phishing-resistant (FIDO2/WebAuthn), because SMS and authenticator-app codes can be relayed in real time by reverse-proxy phishing kits.
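The email authentication records mentioned in the Why It Matters section and in the comparison above are only as good as their configuration: an SPF record ending in +all authorizes everyone, and a DMARC policy of p=none reports spoofing without stopping it. The following added example (written for this page, not HostPedia's or any provider's tooling) audits a domain's SPF, DKIM, and DMARC records for those weak settings. The two record sets are constructed and stand in for DNS TXT lookups; the domain, selector name, and report address are assumptions, and the DKIM public key is truncated.

```python
# Constructed TXT records keyed by DNS name (assumption standing in for real lookups).
# WEAK is how many domains are left after a default setup; HARDENED is the target state.
WEAK = {
    "example-host.com": ["v=spf1 include:_spf.example-mailer.net +all"],
    "_dmarc.example-host.com": ["v=DMARC1; p=none"],
}
HARDENED = {
    "example-host.com": ["v=spf1 include:_spf.example-mailer.net -all"],
    # DKIM public key truncated in this constructed example.
    "mail._domainkey.example-host.com": ["v=DKIM1; k=rsa; p=MIIBIjANBgkq..."],
    "_dmarc.example-host.com": [
        "v=DMARC1; p=reject; rua=mailto:dmarc@example-host.com; adkim=s; aspf=s"
    ],
}


def parse_tags(record):
    """'v=DMARC1; p=reject; rua=...' -> {'v': 'DMARC1', 'p': 'reject', 'rua': '...'}."""
    out = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            out[key.strip().lower()] = value.strip()
    return out


def audit_domain(domain, records, dkim_selectors=("mail",)):
    """Return a list of weaknesses in the domain's SPF/DKIM/DMARC records (empty = hardened)."""
    issues = []

    # SPF: exactly one record, and an "all" mechanism that actually denies unlisted senders.
    spf = [r for r in records.get(domain, []) if r.lower().startswith("v=spf1")]
    if not spf:
        issues.append("no SPF record: SPF never fails for anyone forging this domain")
    else:
        if len(spf) > 1:
            issues.append("multiple SPF records: RFC 7208 allows one; receivers return permerror")
        last = spf[0].split()[-1].lower()
        if last in ("+all", "all", "?all"):
            issues.append(f"SPF ends in {last}: every sender on the internet is authorized")
        elif last == "~all":
            issues.append("SPF ends in ~all (softfail): unlisted senders are only flagged; "
                          "use -all once every legitimate sender is listed")

    # DKIM: a published key for the selector(s) the mail system signs with.
    dkim_keys = [
        parse_tags(r).get("p")
        for sel in dkim_selectors
        for r in records.get(f"{sel}._domainkey.{domain}", [])
    ]
    if not any(dkim_keys):
        issues.append("no DKIM key published for the expected selector(s): DMARC can only rely "
                      "on SPF, which breaks when mail is forwarded")

    # DMARC: an enforcing policy, applied to all mail, with reporting turned on.
    dmarc = [r for r in records.get(f"_dmarc.{domain}", []) if r.upper().startswith("V=DMARC1")]
    if not dmarc:
        issues.append("no DMARC record: SPF/DKIM results are never tied to the From: header")
    else:
        tags = parse_tags(dmarc[0])
        policy = tags.get("p", "").lower()
        if policy == "none":
            issues.append("DMARC p=none: forged mail is reported but still delivered")
        elif policy not in ("quarantine", "reject"):
            issues.append(f"DMARC policy {policy!r} is not valid; receivers ignore the record")
        if "rua" not in tags:
            issues.append("DMARC has no rua= address: no aggregate reports, so abuse goes unnoticed")
        if tags.get("pct", "100") != "100":
            issues.append(f"DMARC pct={tags['pct']}: policy is applied to only part of the mail")
    return issues


if __name__ == "__main__":
    for label, recs in (("weak", WEAK), ("hardened", HARDENED)):
        print(f"{label}:")
        for issue in audit_domain("example-host.com", recs) or ["no issues"]:
            print("  -", issue)
```

To run this against a real domain, replace the dictionaries with TXT lookups (for example `dig +short TXT _dmarc.example-host.com`) for the domain, its `_dmarc.` subdomain, and each DKIM selector your mail system signs with. Move from p=none to p=quarantine and then p=reject only after the aggregate reports show every legitimate sender passing alignment; jumping straight to reject with an incomplete SPF include list blocks your own invoices.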