Warning! JavaScript is turned off or disabled! Some features on this website will not work.
Alerts left arrow right arrow   

Beware of "Cloudflare Helpdesk New Ticket" Phishing Scam at Cloudhelpdesk Website

Comments  +
Beware of "Cloudflare Helpdesk New Ticket" Phishing Scam at Cloudhelpdesk Website

Cloudflare users, if you have received emails like the one below, which claim you have a new ticket from CloudHelpDesk and are asked to click on a link to view the ticket, please DO NOT. This is because the emails are fakes and the links in them go to a fake Cloudflare Helpdesk website (see below) that steals account credentials (usernames and passwords).

Please continue below.

A Sample of the "Cloudflare Cloudhelpdesk New Ticket" Phishing Scam

Subject: [Cloudflare]: New Ticket # 5068: onlinethreatalerts.com

Date: Wed 20/09/2017 10:41

From: CF Helpdesk

Hello,

You have a new ticket from Cloudflare.

hxxps://login.cloudhelpdesk.website/

Regards,

Cloudflare Trust & Safety

The link in the fake emails goes to the fake Cloudflare website at hxxps://cloudhelpdesk.website, which is owned by cybercriminals. What the cybercriminals have done is to create a copy of Cloudflare's legitimate website (www.cloudflare.com) at hxxps://cloudhelpdesk.website to trick their potential victims into believing the fake website is legitimate.

The cybercriminals then send out fake Helpdesk emails like the sample above with a link to the fake website. If potential victims visit the fake website thinking it is the legitimate Cloudflare website and attempt to sign-in, their usernames and passwords will be sent to the cybercriminals behind the scam.

Once the cybercriminals have gotten the stolen usernames and passwords, they will use it to gain access to their potential victims' Cloudflare accounts, hijack and use the accounts fraudulently.

Cloudflare users who have already been tricked by the phishing scam are asked to change their passwords immediately. If they are unable to, they should contact Cloudflare for help immediately. Only use the contact information on Cloudflare's website at www.cloudflare.com, and never give out your password to anyone, not even a technical support representative.

Also, Cloudflare offers Two-Factor Authentication and encourages all users to take advantage of the feature for account security. This feature is another layer of security that prevents cybercriminals from gaining access to your account even if they have stolen your username and password. Click here to learn how to enable Two-Factor Authentication on your account.

Please share with us what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward malicious or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Share this on:

and/or ContributionDonate

Would you recommend this article to a friend or family member?
Yes (0) No (0)   

Comments, Questions and Reviews
Comment(Total: 1)

To help protect your privacy, please do not post your full name, telephone number, email address, username, password, account number, credit card information or home address in your comments, questions, or reviews.

Write a Comment, Review, or ask a Question or scroll down to view comments, reviews and questions made by others.

The comments or reviews below do not necessarily reflect the views of Online Threat Alerts.

  • Posted: Oct 25, 2017 by info

    Another variation of Cloudflare phishing email FYI.

    ---------- Forwarded message ----------
    From: Cloudflare Trust & Safety <support@clfr.freshdesk.com>
    Date: 25 October 2017 at 17:47
    Subject: [Cloudflare Abuse]: days.to: New Ticket # 8418: malware hosted on days.to
    To: admin@days.to
    Cc: support@days.to, it@days.to

    Hello,

    You have a new ticket regarding malware hosting on days.to.

    Regards,
    Cloudflare Trust & Safety

    delete


Submit Comment Write Your Comment, Question or Review

Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.
All comments, questions or reviews will be examined for derogatory or indecent statements, spam or malicous code, before they are posted on this website.