{"id":7825,"date":"2024-03-18T17:11:43","date_gmt":"2024-03-18T17:11:43","guid":{"rendered":"https:\/\/www.ssls.com\/knowledgebase\/?p=7825"},"modified":"2024-03-25T16:42:49","modified_gmt":"2024-03-25T16:42:49","slug":"recent-ssls-com-spoofing-incidents","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/","title":{"rendered":"Recent SSLs.com spoofing incident"},"content":{"rendered":"\n<p>We have recently been notified of an email phishing attack attempt claiming to be from SSLs.com. These malicious emails were sent from the email address <a href=\"mailto:noreply@ssls.com\">noreply@ssls.com<\/a>; however, we did not send these emails. We do not use the email address above to communicate with our customers.<\/p>\n\n\n\n<p>If you receive any emails from <a href=\"mailto:noreply@ssls.com\">noreply@ssls.com<\/a>, we strongly advise that you do not open them, do not click on any links inside, and delete them immediately.&nbsp;<\/p>\n\n\n\n<p>We apologize for any inconvenience this issue may have caused you. Read on to learn more about what happened, whether you should take any actions, and what SSLs.com is doing to address the issue.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>What happened?<\/strong><\/h2>\n\n\n\n<p>Recently, we received several complaints from users claiming they received suspicious emails from <a href=\"mailto:noreply@ssls.com\">noreply@ssls.com<\/a>.<\/p>\n\n\n\n<p>We investigated the situation and confirmed that the emails were a part of a phishing attack.&nbsp;<\/p>\n\n\n\n<p>The attack utilized what\u2019s called \u2018email spoofing\u2019. Email spoofing is when an attacker uses a fake email address featuring the domain of a legitimate website. This is possible because domain verification is not a feature of Simple Mail Transfer Protocol (SMTP), the protocol email is built on.<\/p>\n\n\n\n<p>The phishing emails asked recipients to authenticate their email address. The link inside the emails leads to a page that looks like the Webmail cPanel interface. The page requests the user to enter their email address and password. The page is hosted by ipfs[.]io, which uses the InterPlanetary File System, a decentralized file hosting system. This technology is <a href=\"https:\/\/en.wikipedia.org\/wiki\/InterPlanetary_File_System#cite_note-26:~:text=an%20IPFS%20Gateway.-,Malware\" target=\"_blank\" rel=\"noreferrer noopener\">known to be used for such attacks<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>What you should do<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>If you received any emails from <a href=\"mailto:noreply@ssls.com\">noreply@ssls.com<\/a>, please do not open them. Don\u2019t click on any links, and delete the email. If you followed the link and entered any credentials into the phishing form, please change the password for the related services and contact customer support to inform them about the potential breach of your account.<\/li><li>Treat webpages hosted by ipfs[.]io as high-risk and do not submit any sensitive information there.<\/li><li>Familiarize yourself with the primary <a href=\"https:\/\/www.ssls.com\/blog\/how-to-protect-yourself-from-phishing-scams\/\" target=\"_blank\" rel=\"noreferrer noopener\">means of protection from phishing attacks<\/a>.<\/li><li>We encourage all site owners to enable DMARC (Domain-based Message Authentication Reporting and Conformance) for their domain names and not fall victim to spoofing attacks. You may reach out to your DNS provider for assistance with this.<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Is my data safe?<\/strong><\/h2>\n\n\n\n<p>If you did not click on the email and enter your details on the phishing page, then you\u2019re safe.&nbsp;<\/p>\n\n\n\n<p>There are no signs that SSLs.com\u2019s customer data has been breached.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>How we\u2019re handling the issue<\/strong><\/h2>\n\n\n\n<p>To prevent similar attacks from happening again, we will implement DMARC technology, which is a method of authenticating email messages and disallowing email spoofing. You can learn more about DMARC <a href=\"https:\/\/dmarc.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>. As soon as DMARC is implemented, it will no longer be possible for bad actors to impersonate SSLs.com emails. We will update this post when DMARC is enabled.<\/p>\n\n\n\n<p>Kind regards<\/p>\n\n\n\n<p>SSLs.com Support Team<\/p>\n\n\n\n<p>____________________________________________<\/p>\n\n\n\n<p><strong>update@ : March 25, 16:40 UTC | 12:40 PM EST<\/strong><br>Dear Customers,<\/p>\n\n\n\n<p>We are pleased to inform you that the DMARC policy has been activated for SSLs.com. <\/p>\n\n\n\n<p>Effective immediately, any emails originating from unauthorized servers will be directed to the spam folder. However, we understand the importance of ensuring that legitimate emails are not mistakenly flagged as unauthorized. Therefore, we will diligently monitor the situation over the coming weeks to mitigate any false positives.<\/p>\n\n\n\n<p>Subsequently, we will adjust the DMARC configuration to enforce stricter measures, whereby emails from unauthorized servers will be outright rejected by the email client. This additional layer of protection will further safeguard our communication channels against potential threats. <\/p>\n\n\n\n<p>While DMARC implementation significantly reduces the risk of domain spoofing, it&#8217;s essential to acknowledge that some email providers may not fully adhere to DMARC policies. Therefore, emails with spoofed domains may still manage to infiltrate your mailbox on these platforms.<\/p>\n\n\n\n<p>For your reference, listed below are several reputable email providers known to perform DMARC checks:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Gmail (Google Mail)<\/li><li>Outlook.com (Microsoft)<\/li><li>Yahoo Mail<\/li><li>AOL Mail<\/li><li>ProtonMail<\/li><li>Zoho Mail<\/li><li>FastMail<\/li><li>iCloud Mail (Apple)<\/li><\/ul>\n\n\n\n<p>If your provider is not on the list, or if you are unsure about their DMARC authentication practices, we encourage you to reach out to them directly for clarification.<\/p>\n\n\n\n<p>Kind regards,<\/p>\n\n\n\n<p>SSLs.com Support Team<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have recently been notified of an email phishing attack attempt claiming to be from SSLs.com. These malicious emails were sent from the email address noreply@ssls.com; however, we did not send these emails. We do not use the email address above to communicate with our customers. If you receive any emails from noreply@ssls.com, we strongly ..<\/p>\n<div class=\"clear-fix\"><\/div>\n<p><a href=\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\" title=\"read more...\">Read more<\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-7825","post","type-post","status-publish","format-standard","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Recent SSLs.com spoofing incident \u2013 HelpDesk | SSLs.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Recent SSLs.com spoofing incident \u2013 HelpDesk | SSLs.com\" \/>\n<meta property=\"og:description\" content=\"We have recently been notified of an email phishing attack attempt claiming to be from SSLs.com. These malicious emails were sent from the email address noreply@ssls.com; however, we did not send these emails. We do not use the email address above to communicate with our customers. If you receive any emails from noreply@ssls.com, we strongly ..Read more\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\" \/>\n<meta property=\"og:site_name\" content=\"SSL Certificate Knowledgebase | SSLs.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/SSLsCom\" \/>\n<meta property=\"article:published_time\" content=\"2024-03-18T17:11:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-25T16:42:49+00:00\" \/>\n<meta name=\"author\" content=\"Shift Leader\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SSLscom\" \/>\n<meta name=\"twitter:site\" content=\"@SSLscom\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shift Leader\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\"},\"author\":{\"name\":\"Shift Leader\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/person\/fde19b558efebcad242ada0157db1c91\"},\"headline\":\"Recent SSLs.com spoofing incident\",\"datePublished\":\"2024-03-18T17:11:43+00:00\",\"dateModified\":\"2024-03-25T16:42:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\"},\"wordCount\":723,\"publisher\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#organization\"},\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\",\"url\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\",\"name\":\"Recent SSLs.com spoofing incident \u2013 HelpDesk | SSLs.com\",\"isPartOf\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#website\"},\"datePublished\":\"2024-03-18T17:11:43+00:00\",\"dateModified\":\"2024-03-25T16:42:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ssls.com\/knowledgebase\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Recent SSLs.com spoofing incident\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#website\",\"url\":\"https:\/\/www.ssls.com\/knowledgebase\/\",\"name\":\"SSL Certificate Knowledgebase | SSLs.com\",\"description\":\"SSL Knowledgebase | SSLs.com\",\"publisher\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ssls.com\/knowledgebase\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#organization\",\"name\":\"SSLs.com\",\"url\":\"https:\/\/www.ssls.com\/knowledgebase\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.ssls.com\/knowledgebase\/wp-content\/uploads\/2019\/07\/8WCg7Uph_400x400-1.png\",\"contentUrl\":\"https:\/\/www.ssls.com\/knowledgebase\/wp-content\/uploads\/2019\/07\/8WCg7Uph_400x400-1.png\",\"width\":400,\"height\":400,\"caption\":\"SSLs.com\"},\"image\":{\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/SSLsCom\",\"https:\/\/x.com\/SSLscom\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/person\/fde19b558efebcad242ada0157db1c91\",\"name\":\"Shift Leader\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/2b135d73b47279bf5f85b805a0edbabacf887839762137642c8411b18a83bf31?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/2b135d73b47279bf5f85b805a0edbabacf887839762137642c8411b18a83bf31?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/2b135d73b47279bf5f85b805a0edbabacf887839762137642c8411b18a83bf31?s=96&d=mm&r=g\",\"caption\":\"Shift Leader\"},\"url\":\"https:\/\/www.ssls.com\/knowledgebase\/author\/slssl\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Recent SSLs.com spoofing incident \u2013 HelpDesk | SSLs.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/","og_locale":"en_US","og_type":"article","og_title":"Recent SSLs.com spoofing incident \u2013 HelpDesk | SSLs.com","og_description":"We have recently been notified of an email phishing attack attempt claiming to be from SSLs.com. These malicious emails were sent from the email address noreply@ssls.com; however, we did not send these emails. We do not use the email address above to communicate with our customers. If you receive any emails from noreply@ssls.com, we strongly ..Read more","og_url":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/","og_site_name":"SSL Certificate Knowledgebase | SSLs.com","article_publisher":"https:\/\/www.facebook.com\/SSLsCom","article_published_time":"2024-03-18T17:11:43+00:00","article_modified_time":"2024-03-25T16:42:49+00:00","author":"Shift Leader","twitter_card":"summary_large_image","twitter_creator":"@SSLscom","twitter_site":"@SSLscom","twitter_misc":{"Written by":"Shift Leader","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/#article","isPartOf":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/"},"author":{"name":"Shift Leader","@id":"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/person\/fde19b558efebcad242ada0157db1c91"},"headline":"Recent SSLs.com spoofing incident","datePublished":"2024-03-18T17:11:43+00:00","dateModified":"2024-03-25T16:42:49+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/"},"wordCount":723,"publisher":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/#organization"},"articleSection":["News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/","url":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/","name":"Recent SSLs.com spoofing incident \u2013 HelpDesk | SSLs.com","isPartOf":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/#website"},"datePublished":"2024-03-18T17:11:43+00:00","dateModified":"2024-03-25T16:42:49+00:00","breadcrumb":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.ssls.com\/knowledgebase\/recent-ssls-com-spoofing-incidents\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ssls.com\/knowledgebase\/"},{"@type":"ListItem","position":2,"name":"Recent SSLs.com spoofing incident"}]},{"@type":"WebSite","@id":"https:\/\/www.ssls.com\/knowledgebase\/#website","url":"https:\/\/www.ssls.com\/knowledgebase\/","name":"SSL Certificate Knowledgebase | SSLs.com","description":"SSL Knowledgebase | SSLs.com","publisher":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ssls.com\/knowledgebase\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.ssls.com\/knowledgebase\/#organization","name":"SSLs.com","url":"https:\/\/www.ssls.com\/knowledgebase\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/logo\/image\/","url":"https:\/\/www.ssls.com\/knowledgebase\/wp-content\/uploads\/2019\/07\/8WCg7Uph_400x400-1.png","contentUrl":"https:\/\/www.ssls.com\/knowledgebase\/wp-content\/uploads\/2019\/07\/8WCg7Uph_400x400-1.png","width":400,"height":400,"caption":"SSLs.com"},"image":{"@id":"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/SSLsCom","https:\/\/x.com\/SSLscom"]},{"@type":"Person","@id":"https:\/\/www.ssls.com\/knowledgebase\/#\/schema\/person\/fde19b558efebcad242ada0157db1c91","name":"Shift Leader","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/2b135d73b47279bf5f85b805a0edbabacf887839762137642c8411b18a83bf31?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/2b135d73b47279bf5f85b805a0edbabacf887839762137642c8411b18a83bf31?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/2b135d73b47279bf5f85b805a0edbabacf887839762137642c8411b18a83bf31?s=96&d=mm&r=g","caption":"Shift Leader"},"url":"https:\/\/www.ssls.com\/knowledgebase\/author\/slssl\/"}]}},"publishpress_future_action":{"enabled":false,"date":"2026-05-18 16:18:21","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/posts\/7825","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/comments?post=7825"}],"version-history":[{"count":10,"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/posts\/7825\/revisions"}],"predecessor-version":[{"id":7855,"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/posts\/7825\/revisions\/7855"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/media?parent=7825"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/categories?post=7825"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/knowledgebase\/wp-json\/wp\/v2\/tags?post=7825"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}