InMotion Hosting Support Center

There is a recent phishing scam going around via email that is trying to trick website owners that there is an issue on their server. It then instructs them to enter in their cPanel credentails in order to resolve the problem, but it links off to a fraudulent phishing site, and not the legitmate cPanel login interface.

Fradulent email to look out for claiming Fatal ERROR!

These are the important parts of the message to pay attention to:

Email Header

Subject: Fatal ERROR! Data lost risk!
From: "CPanel Network Server Monitor" <>
X-Mailer: PHP

The Subject will typically read Fatal ERROR! Data lost risk!

The From will typically read CPanel Network Server Monitor the sender will appear to be from your domain.

The X-Mailer will typically read PHP indicating the message was directly sent from a spam script, not a mail client.

Email Body

The body of the message will make it seem like there is a fatal error (usually related to MySQL) and then provide you with a URL to click on to "resolve this issue".

Message from CPanel Network Server Monitor, 10/07/2013 00:12:00:


Fatal ERROR! Data lost risk!

ERROR: Opening connection to database, ADO error: Unspecified error

MYSQL Server does not exist or access denied.

To resolve this issue, please, restart MySQL Server, using this URL:

Email URL links to fake cPanel

When you click on the URL, it takes you to what appears to be a normal cPanel login interface.

However pay close attention as the URL mentions index.php?

You can also see that instead of using your domain name to access cPanel, the URL is trying to use an IP address. This IP address is from a hacked server, and when you try to type in your cPanel credentials it's going to reject them with a password failed error.

You've just confirmed that your domain is and just given up your cPanel credentials to a hacker.

Ensuring a proper cPanel login

To ensure you're logging into your real cPanel account you can follow the steps in our login to cPanel article.

In your web-browser's address bar if it doesn't read one of the following formats, don't login:


Reset cPanel password if you suspect it was stolen

If you suspect you accidentally followed this phishing scam, please be sure to reset your cPanel password.

Support Center Login

Social Media Login

Social Login Joomla

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Post a Comment

Email Address:
Phone Number:

Please note: Your name and comment will be displayed, but we will not show your email address.

0 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?


Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail:
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!