CloudFlare users targeted by phishers

Popular content delivery network and distributed domain name server service CloudFlare has issued a warning to its users about an ongoing phishing scam:

Dear client, costumer (has user in it)

Domain account (Domain of website) has exceeded the limit load available for the existing pay rate plan.

Methods of load analysis and elimination :
(URL removed)

In order to prevent your account from being locked out we recommend that you change the existing rate plan onto a more powerful one or limit the server load by means of code optimization.

The embedded link takes users to a spoofed login page that forwards the entered login credentials to the crooks behind the scam.

CloudFlare advises anyone who fell for the scheme to immediately use the “forgot password” link on the CloudFlare page to reset their password to a new secure password.


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss