This has been going on for 48 already and every time we release the block, we find the DDOS is still going.  To keep it from effecting the entire web server, we need to block the IP.

All sites on this shared IP will be unavailable until the attack stops.

If you have logged into this website, you must immediately login and change all passwords as well as check your site contents for signs of tampering.

Whenever you receive e-mail from us, with a link to log into your control panel will have ixwebhosting.com as the domain. Please be sure, when following this link, or any other received in an e-mail, that you check the address bar to confirm the domain you are currently on.

Update: We are continuing to see the phishing attack pop up on other websites.  We have been getting them shutdown, but it is a whack a mole process.  We are in the process of creating some guidelines to help you know that you are logging into the correct website.  However, in the mean time if possible please call into our call center if you have questions or concerns related to the IX customer login.

Update:

You can protect yourself from these types of phishing scams by doing a few simple checks:

• Do a domain check on any links:
  • If an e-mail contains links to your account, don’t click on it until you have checked out the domain that the link leads to.
    • Any links we provide to your account will include our domain name at the beginning like this:  https://manage.ixwebhosting.com/index.php/login.dspFrmLogin
    • Phishing links may contain a reference to our domain, but the URL will start with a domain other than IX Webhosting.  It may look something like this:  http://www.someotherdomain.com/plugins/spip-lettres/lang/?dada=ixwebhosting.com
  • Sometimes the link passes this test but after clicking on it you end up at another website.  Anytime that you do decide to click a link that has been e-mailed to you, make sure that the website you end up on passes the domain check as well.
  • Pay extra attention to details such as the use of characters that look similar, but are actually different (like number 1 instead of letter l).
• Check the SSL:
  • If you are going to a site that is secured by SSL, like our account login page, you’ll know this is a secure connection because the address will begin with https:// and, depending on your browser, you’ll have a closed lock icon appear in either the address bar at the top, or the status bar at the bottom of your browser.  A quick double click on the lock will tell you the domain that the SSL was issued to, if there is no closed lock icon, or the SSL was issued for  a domain other than ixwebhosting.com, the e-mail is most likely a phishing attempt.
• Protect your information:
  • Never send private information, such as credit card numbers, passwords, etc via e-mail correspondence.
  • If you are ever in doubt whether an e-mail you received is actually from IX Webhosting or not, you can always verify it by contacting us via phone, ticket or chat.

If you have already responded to this or any other phishing scam by clicking the link and entering your username and password, it is important that you immediately change all of the passwords in your account (your main login as well as ftp, email, etc), and check your site content for any changes to your files. If you have any questions, please feel free to contact our 24/7 support team.