Fasthosts security?

[LongLensPhotography]

My site domain name is hosted by Fasthosts and they had a recent bad outage a week ago. http://www.theregister.co.uk/2014/1...ed_on_ddos_hack_attack_and_windows_2003_vuln/

Today I get this email from them (or not?)

I hope you are doing well today.

Are you still having issues with your website? In case you are still having the same issues, please provide me the following:

domain name:
FTP username and password:
error message received:


Best regards,

Elma Hinayon - Technical Support
Fasthosts Customer Support

So they want to overtake my site, or what?

I then emailed support@fasthosts.co.uk about this

and here is what I get, from the same person!!!

Thanks for your response.

Initially you have mentioned that your website was down so I am checking if you are still having issues so that I can investigate further.


Best regards,

Elma Hinayon - Technical Support
Fasthosts Customer Support

What would you do - try contacting someone else maybe by phone, ignore or switch provider ASAP?

 

[nass]

I have 8 sites on fasthosts including extreme-macro.co.uk and they've done a good job over the last 10 years for me.

Once you get beyond their tier 1 outsourced Asian support there are some people there who really know their stuff and are incredibly helpful.

The mail you quote is probably just phishing. The phisher saw the outage and mailed the domains it knows are on fasthosts. Very easy, and with a host like fasthosts in the news, not unsurprising.

I always call them if I have issues and they do ask for ftp details etc, but this is after doing a password thing (3rd and 8th letter). Get in touch with them that way.

 

[Nick65]

I've been using Fasthosts for a number of years and they have always been pretty good, but due to the outage last week, I'm in the process of moving some of my legacy sites from their 2003 servers to the 2008 servers, I've not had too many problems so far.

Also if you need to contact them, I tend to use the LiveChat Support>Contact Us>Live Chat. Having said that I don't think I've ever been asked for ftp details, it's normally account number and pin.

 

[LongLensPhotography]

Well my site is not even hosted by them (Zenfolio) but only domain name, so it is clearly fishy. What I do not understand is how this suspicious person can respond to email sent to support@fasthosts.co.uk. The emails also come from the same genuine SMTP server as before - so either somebody has their staff login details, or they have staff with dual interest?

 

[Nick65]

Well my site is not even hosted by them (Zenfolio) but only domain name, so it is clearly fishy. What I do not understand is how this suspicious person can respond to email sent to support@fasthosts.co.uk. The emails also come from the same genuine SMTP server as before - so either somebody has their staff login details, or they have staff with dual interest?

That's interesting, did you hit reply or click on a link in your initial email from them? in which case I'd suspect a phishing expedition. If you typed the email address in yourself, I'd think, like you, that it might be a security breech at Fasthosts and you might want to let them know. You could also have a look at the email header to see whether it did actually originate from Fasthosts.

Edit: Or it genuinely is from someone at Fasthosts, trying to sort out customer problems, in the fallout of the DDOS attack, but are going about it in a rather insecure way.

 

[LongLensPhotography]

I forwarded to the correct address. I am all too aware of fake reply-to or from fields. They have no need to know my externally hosted site's login details.

I will give them a call to chat about this.

 

[LongLensPhotography]

Just had a call. The person works there and I was shocked to hear that the email like that is their standard follow up procedure. The rep didn't make any effort to provide a good reason to basically require log on details to an e-commerce website with access to funds, customer details, etc.

I will be transferring out to vidahost asap.

 

[Nick65]

Just had a call. The person works there and I was shocked to hear that the email like that is their standard follow up procedure. The rep didn't make any effort to provide a good reason to basically require log on details to an e-commerce website with access to funds, customer details, etc.

I will be transferring out to vidahost asap.

Sheesh, I thought Fasthosts had learnt their lesson from their massive security breech in 2007 (http://www.theregister.co.uk/2007/10/18/fasthost_police_hack_investigation/). I guess they've got new staff now that don't remember the old days.

 

[nass]

They changed their support process about a year ago and outsourced tier 1 abroad. It hasn't improved anything.

 

[marksweb]

I'd never send username/password via email.

If they're your host then they should only need your domain. Then they can see internally where that domain lives & they should be auth'd via SSH on their own servers and shouldn't need to go near your account.