I studied what I could see of the preview and it looked legit. I opened it. There was my full name and it was actually sent to the account I used to signup with my host. Most of the spammy stuff goes to my author account which I don't use on websites to avoid phishing attempts. I read through the email--the spelling and grammar was correct. The phone numbers and logo were correct. The from email address had my host's name.com.
The message concerned me. I'd added far too many directories, and if I didn't go to my account and combine them, I would be shut down. They suggested I go to my control panel or click on a handily included link. One reason I was so concerned? My former blog was hacked multiple times and I was concerned that someone had actually hacked into my website itself. That's the only way all those directories could be there because I hadn't added anything.
I paged through my files, but it didn't look as if anything had been added and I didn't see hundreds of directories. Puzzled, I was trying to figure out how to contact my web host and ask for help when I said, let me check out that email again. This time I clicked the link as a test. The page looked like my web host, but the address in the bar above was some site in Russia. It had a .ru extension.
Phished!
Normally I don't fall for this and I was lucky that my innate caution and natural suspicion had me paying attention. At that time of the morning, without coffee and short on sleep, it would have been too easy to just click through without thinking about it.
I forwarded the email to the abuse department of my web host. The lesson, though, is to be careful out there. The phishers are getting better.
