According to this email, you have received a confidential document via cPanel cloud systems.
Supposedly, the email was sent by cPanel Support’s Head of Security.
It claims that to properly view the document, you will need to click a button and authenticate your work email address.
However, the email was certainly not sent by cPanel and “authenticating your email address” will not reveal any documents, confidential or otherwise.
In fact, the message is a phishing scam designed to steal your email account login details.
What is cPanel?
cPanel is a popular control panel system used by many web hosting companies. If you build and manage websites, you will likely have used cPanel to control and configure different aspects of your website. Despite the suggestion in the footer of the scam email, cPanel is not owned by Microsoft.
However, cPanel has nothing to do with sharing documents nor would you ever receive a direct email from the head of cPanel security. cPanel is used by hosting companies to allow customers to manage their websites. If there was an issue related to cPanel for your hosting account, you would be contacted by your hosting company, not cPanel itself.
It appears that the scammers have used the cPanel name and logo simply to make their false claims seem more legitimate. Less tech-savvy recipients may have perhaps heard the name without having any real understanding of what it actually is and so thus may be more easily taken in.
What Happens if you Click?
If you fall for the ruse and click the link you will be taken to a phishing website that asks for your email address and email account password. Once you have entered these details, your browser may automatically redirect to an unrelated website.
Meanwhile, the scammers can collect your login credentials and use them to take control of your email account and any services linked to it. Once they have gained access, they can use your account to distribute scam, spam, and malware emails in your name. Depending on the type of account you have, they may also be able to make purchases in an associated app store and steal files you have stored online.
In some cases, they may manage to collect enough of your personal information to enable them to steal your identity.
Email account phishing scams like this one are very common and take many forms. Always login to your email and other online accounts by entering the address into your browser’s address bar or via a trusted app.
If this email hits your inbox, don’t click any links that it contains. Instead, just delete it.
A screenshot of the scam email:
You have received a Confidential Document via
cPanel Cloud Systems
This document is addressed to […]
Please, be sure to view.
If the message is incorrectly addressed, kindly delete immediately.
To view the document properly, please authenticate your work email account to view the document on our cloud portal.
View Confidential Document
We offer a variety of client options for our customers.
cPanel is either registered trademarks or trademarks of Microsoft Systems Incorporated in the United States and/or other countries.
All other trademarks are the property of their respective owners. © 2019 cPanel Incorporated. All rights reserved.
Registered Office: cPanel Software Ireland Limited, 4-6 Riverwalk, Citywest Business Park, Dublin 24, Ireland. Registered number: 344992