CloudFlare has issued an alert to warn customers about a phishing scam that is currently making the rounds.
The phony emails read:
“Dear cloudflare.com client, costumer (has user Domain.com in it)
Domain account (Domain of website) has exceeded the limit load available for the existing pay rate plan.
Methods of load analysis and elimination :
(URL removed for obvious reasons)
In order to prevent your account from being locked out we recommend that you change the existing rate plan onto a more powerful one or limit the server load by means of code optimization.”
The link contained in the email points to a cleverly set up website that’s designed to trick users into handing over their CloudFlare login credentials.
The company advises users not to click on the link. Those who already have are recommended to immediately change their passwords by using the “forgot password” feature.