Another day, another phishing attempt.

This morning, I got an email like this for three of the domains I host at Bluehost.

I found one of these in my email inbox for three of my domain names this morning. I added the red underline; I explain why below.

Here’s the text, in case you can’t read it:

MARIA LANGER

Your web hosting account for flyingmair.com has been deactivated (reason: site causing performance problems).
Although your web site has been disabled, your data may still be available for
up to 15 days, after which it will be deleted.

If you feel this deactivation is in error, please contact customer support via:
http://my.bluehost.com.[redacted].piknini.org/account/8236/reactivation.html

Thank you,
BlueHost.Com Support
http://www.bluehost.com
For support go to http://helpdesk.bluehost.com/
Toll-Free: (888) 401-4678

I have to say that it looked very real. Simple, to the point. From “admin@bluehost.com”. All the links I pointed to actually went to where they said they were.

What really made me almost believe they were real was the fact that I’d made some changes to my domain setup a few weeks ago to lower my hosting costs with a slight hit to performance (which I hoped to be able to minimize with a new cache plugin). So the fact that performance might be causing issues just happened to make sense in my world.

Except, not for the domains it reported: flyingmair.com, flyingmproductions.com, and gilesrd.com. You see, none of those sites get any significant traffic. The only one of my sites that does get significant traffic is the one you’re reading this on right now, and I didn’t get an email message for it.

And then I took a closer look at the link I was supposed to click to resolve the issue. It started off fine: http://my.bluehost.com. But instead of a slash (/) after the domain, there was a dot and an alphanumeric string followed by the real domain I’d be going to if I clicked.

I switched to my browser and manually typed in www.flyingmair.com. The site came right up. It sure didn’t look deactivated to me.

I went up to my loft-based office where I could look at the email on a real computer (rather than an iOS device). I didn’t learn anything new, but by this time I was convinced it was another scam.

It bothered me that I’d almost been fooled. I called Bluehost and was told that they were already aware of the problem. Jeez. You think they’d send out an email warning us about it.

In any case, what I’ve always said about these things still applies: never click a link in an email message you were not expecting. If you think there’s any truth to a reported problem like this, manually type in the domain name of the site you can use to check — in this case, bluehost.com — and log in the usual way to follow up. Or just use the tech support number you should already have on hand to get more information.

Don’t get scammed.

And, for the record, I’d much rather blog about the things going on in my life that aren’t related to someone trying to rip me off than crap like this.