GoDaddy suffers embarrassing phishing attack – TechRadar India

GoDaddy has suffered an embarrassing phishing attack that affected one of its most high-profile customers.

A customer service agent at the web hosting giant was targeted by a spear-phishing attack which enabled hackers to gain access to the account of, according to security site KrebsOnSecurity. is one of the US’ leading brokering websites, enabling thousands of customers to make secure transactions online, however the hackers were able to change its homepage to a profanity-laden message.

Phishing attack

Hackers were able to change’s DNS records to redirect to a third-party web server based in Malaysia, one identified by KrebsOnSecurity as hosting phishing scams.

Matt Barrie, the CEO of, which owns, confirmed that none of its systems were compromised, and no customer data, funds or domains were breached or accessed.

Barrie told KrebsOnSecurity that no-one in his business had been affected, with the breach instead coming from their GoDaddy representative.

The web hosting site confirmed that an employee had fallen victims to a spear-phishing attack, and that a “thorough audit” had revealed five other customer accounts could also potentially be affected.

“Our team investigated and found an internal employee account triggered the change,” a GoDaddy statement given to KrebsOnSecurity said.

“We immediately locked down the impacted accounts involved in this incident to prevent further changes. Any actions done by the threat actor have been reverted and the impacted customers have been notified. The employee involved in this incident fell victim to a spear-phishing or social engineering attack. We have taken steps across our technology, processes and employee education, to help prevent these types of attacks in the future.”

Anyone fearing such attacks is urged to boost their security through implementing systems such as two-factor authentication, and strong passwords governed by password manager tools.

Via KrebsOnSecurity

Sorgente articolo:
GoDaddy suffers embarrassing phishing attack – TechRadar India

User ID Campaign ID Link
d9a95efa0a2845057476957a427b0499 l-99999984 Cloud Realtime
d9a95efa0a2845057476957a427b0499 l-99999983 Ugo Fiasconaro
d9a95efa0a2845057476957a427b0499 l-99999982 Cloud Realtime
d9a95efa0a2845057476957a427b0499 l-99999994 Email Campaign