Godaddy hacked. 28000 hosting accounts affected. Don’t panic. Take corrective action by resetting or changing passwords for hosting of web, email and Office365. Do not use the same password for everything.
There are a few key things you can check to see if you are the target of a phishing attack:
- Check the email header. If the source of the email does not come from a registered GoDaddy domain, then it most likely did not come from GoDaddy and is an attempt at phishing.
- Look for a large amount of typos or misspellings in the email content itself. This can indicate the presence of an attacker. Professional emails will contain minimal typos or misspellings, if any.
- Modified verbiage used to scare you into providing personal information. GoDaddy’s security incident disclosure email should not appear to scare you, or ask you to provide any information. It should simply inform you that you may have been impacted by a breach. If you receive an email that appears to be scaring you into providing information, then it may be a phishing attempt.