A new phishing scam spoofing GoDaddy is being actively intercepted by MailGuard’s AI-powered threat detection network. This scam, designed to harvest credentials and credit card information, is deceptively simple yet highly effective, luring victims with the appearance of a legitimate billing issue notification.
The phishing email appears to come from "GoDaddy Alerts" (support(at)alizadetajhiz(dot)com), claiming that your payment method has failed and urging you to "Update Payment" to avoid service interruption. While the message mimics GoDaddy’s branding, it's a fake, and the email directs users to a phishing site.
Once the user clicks the button, they are taken through a multi-stage phishing process:
Step 1. Credential Harvesting
The first page prompts users to enter their GoDaddy username and password.
Step 2. Credit Card Collection
The second screen requests payment details, including cardholder name, number, expiration date, and CVV.
Step 3. SMS Code Verification
A final screen asks for a one-time code sent via SMS, under the guise of transaction verification. This is a strong indicator that the scammers intend to test or charge the stolen credit card immediately.
Each stage is carefully crafted to appear authentic and is designed to bypass casual scrutiny, particularly by individuals unfamiliar with GoDaddy's legitimate processes. Aside from the phishing page link which is not an authentic GoDaddy domain, the formatting is well executed and may fool some users. Other giveaways that it is a scam, are the inclusion of French language ('Nouveau sur GoDaddy') on the initial Log In screen, and the misspelling of 'payment' ('payement') on the payment confirmation screen.
While the email appears basic in design, its layered social engineering approach significantly raises its risk. The attackers are clearly attempting to monetise stolen credentials rapidly by layering phishing steps for login, credit card, and SMS-based authentication details.
Stay Safe - Know the Signs
MailGuard advises all recipients of these emails to delete them immediately without clicking on any links. Responding or providing personal details can lead to identity theft, data breaches, and financial losses.
Avoid emails that:
Many businesses turn to MailGuard after a near miss or incident. Don't wait until it's too late.
Reach out to our team for a confidential discussion by emailing expert@mailguard.com.au or calling 1300 30 44 30.
All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.
For a few dollars per staff member per month, you can protect your business with MailGuard's specialist, 'zero zero-day' email security. Special Ops for when speed matters! Our real-time 'zero-zero-day', email threat detection amplifies our client’s intelligence, knowledge, security and defence. Talk to a solution consultant at MailGuard today about securing your company's inboxes.
Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.