Illistration of Phishing - Stealing Login Data
Home ScamsPhishing Scams ‘Confidential Document via cPanel’ Email Account Phishing Scam

‘Confidential Document via cPanel’ Email Account Phishing Scam

by Brett M. Christensen

According to this email, you have received a confidential document via cPanel cloud systems.

Supposedly, the email was sent by cPanel Support’s Head of Security.

It claims that to properly view the document, you will need to click a button and authenticate your work email address.

However, the email was certainly not sent by cPanel and “authenticating your email address”  will not reveal any documents, confidential or otherwise.

In fact, the message is a phishing scam designed to steal your email account login details.

What is cPanel?

cPanel is a popular control panel system used by many web hosting companies. If you build and manage websites, you will likely have used cPanel to control and configure different aspects of your website. Despite the suggestion in the footer of the scam email, cPanel is not owned by Microsoft.

However, cPanel has nothing to do with sharing documents nor would you ever receive a direct email from the head of cPanel security.  cPanel is used by hosting companies to allow customers to manage their websites. If there was an issue related to cPanel for your hosting account, you would be contacted by your hosting company, not cPanel itself.

It appears that the scammers have used the cPanel name and logo simply to make their false claims seem more legitimate.  Less tech-savvy recipients may have perhaps heard the name without having any real understanding of what it actually is and so thus may be more easily taken in.

What Happens if you Click?

If you fall for the ruse and click the link you will be taken to a phishing website that asks for your email address and email account password. Once you have entered these details, your browser may automatically redirect to an unrelated website.
Meanwhile, the scammers can collect your login credentials and use them to take control of your email account and any services linked to it. Once they have gained access, they can use your account to distribute scam, spam, and malware emails in your name. Depending on the type of account you have, they may also be able to make purchases in an associated app store and steal files you have stored online.

In some cases, they may manage to collect enough of your personal information to enable them to steal your identity.

Email account phishing scams like this one are very common and take many forms.  Always login to your email and other online accounts by entering the address into your browser’s address bar or via a trusted app.

If this email hits your inbox, don’t click any links that it contains. Instead, just delete it.

A screenshot of the scam email:

cPanel Confidential Document Phishing Scam


You have received a Confidential Document via
cPanel Cloud Systems

This document is addressed to […]
Please, be sure to view.
If the message is incorrectly addressed, kindly delete immediately.

To view the document properly, please authenticate your work email account to view the document on our cloud portal.

View Confidential Document

Need help?

We offer a variety of client options for our customers.

cPanel is either registered trademarks or trademarks of Microsoft Systems Incorporated in the United States and/or other countries.
All other trademarks are the property of their respective owners. © 2019 cPanel Incorporated. All rights reserved.
Registered Office: cPanel Software Ireland Limited, 4-6 Riverwalk, Citywest Business Park, Dublin 24, Ireland. Registered number: 344992

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,