Receiving suspicious emails about service renewals
Table of Contents
It is very important to make sure that you confirm the validity of any emails asking you to provide any personal information such as login details, name, address and especially payment information.
A common scam online is to send fake emails for expiring services, urging the owner of the service to renew it if he does not want that service to stop working. When the recipient of the email message clicks the link in the message they are taken to a page asking them to provide payment or login details. However, the page they were taken to is not a legitimate one by the service provider, but one made to look similar or even exactly like it. After the visitor submits any information on the page, that information gets obtained by the sender of the email, who also created the fake page, thus essentially stealing the provided data. This type of scam is called phishing or email spoofing and you can find a more information about it on our blog.
How to find out if an email is sent by SiteGround
To prevent being scammed, follow these guidelines to confirm the validity of any emails you receive that claim to be sent from SiteGround, before you follow any links in the email asking for any sensitive information:
- emails from SiteGround about renewals or expiring services are always sent from the following email address – noreply@siteground.com. Carefully check the exact wording, as scammers often use similarly looking domain names in an attempt to trick people into believing the sender is legitimate, i.e. “sietground.com”, “siteeground.com” and so on. Any difference from the exact spelling of the email address above is a signal that the email is fake and should be ignored;
- emails from SiteGround always start with “Hello” and followed by the name you used to register the service with us. Scammers often only have an email address and they cannot link it to your actual name, so in their emails they replace the name with the email address, i.e. “Hello email@yourdomainname.com”;
- SiteGround emails never mention the payment method that is to be used to pay for the service. The payment type is shown only after you log in your SiteGround Client Area. Emails that include a text, suggesting you use a specific payment type like credit card, debit card, voucher codes, cryptocurrency or anything else are not sent by SiteGround;
- always confirm the URL address before you click any buttons in an email claiming to be from SiteGround. You can do that by hovering the mouse cursor over the button and most email clients will show up where that button will take you to in the bottom left corner of the mail client window. If the domain in the URL is not siteground.com, siteground.es, it.siteground.com, de.siteground.com, my.siteground.com or tools.siteground.com then the email is probably not legitimate. For example “https://my.siteground.com/billing/renew” is a legitimate URL that will take you to the Renewals page in your Client Area, while something like “https://sites.google.com/view/sitegrounddomain1/siteground” is a scam URL. The Renewal page should look like this:
- if you are not sure if an email is legitimate you should always avoid following any links or click any buttons in the message. Instead manually go to your SiteGround Client Area at https://my.siteground.com/ where you can log in and manage all of your services, including renewing them if necessary;
- emails from SiteGround always end with “Best Regards, The SiteGround Team”, followed by the legal information about the company like the company name and address. Emails lacking this information can be ignored;
- non-legitimate emails sent from scammers often do not have the same look and layout as the legitimate emails sent by us. Below is an example of an official email sent by SiteGround:
What should you do if you click a link from a suspicious email
1. Change your Client Area password
2. Enable 2-Step Verification if you haven’t already
3. It is recommended that you update your payment information, since it can be used to verify your ownership of the account