BrandLabs shared a warning post on Twitter this afternoon. While the email appears to be targeting Squadhelp sellers who utilize their White Label Marketplace (WLM), it is something anyone should be wary about:
.@squadhelp @GoDaddyHelp @DInvesting
New scam targeting sellers on Squadhelp who link their email to a WLM. Faked Godaddy email says your account will be suspended and give you a button to click on. Mine was sent from info@jeangaleart.com pic.twitter.com/9Lc6AVzS9N— BrandLabs (@BrightHawkIP) March 4, 2024
According to the person who posted the warning, the email address that received this phishing email is used exclusively within his WLM website. Further, in order to see the email address, someone would have to click the contact us link. I am not sure if this means the person behind the phishing effort clicked the contact button or has an automated way to do it.
If someone were to click the link in the email, I suspect they would be taken to a page where they would be prompted to enter their GoDaddy login information. If the person does not have 2 factor authentication enabled on their GoDaddy account, it would likely give access to their account. For what it’s worth, the phishing page could also ask for a 2FA code, so that is not fool proof. It looks like there is also a phone number listed on that email. A quick Google search shows that is a French GoDaddy contact phone number, but the embedded number could be different in case someone clicks it from their mobile.
People need to be mindful when clicking any link from an email. If they do click a link, they should also be sure they are on the correct website with SSL certificates lined up. GoDaddy almost always includes the GoDaddy Customer Number in their emails, so if that is incorrect or missing, there is a good chance the email is fraudulent.
This is a good reminder to always be vigilant when looking through emails.
GoDaddy’s James Iles commented about this on Twitter: https://twitter.com/jamesiles/status/1764949517307097176