CS · EN

Admin Panel - Phishing

In this article, you will learn:


Email verification

If you receive a suspicious email warning about the expiration of a domain, Webhosting, or another service, verify it using these steps:

  1. Check the sender's email address. Even if the sender name is VEDOS or some variation of it, check the sender's email address. If an email with the sender name VEDOS (WEDOS) does not come from the domain @wedos.com or @vedos.cz, it is probably a fake. This also applies to typo-squatted and similar domains, such as:
    • @vvedos.com – two v letters next to each other look like w, a so-called typo-squatted domain,
    • @wedos-webhosting.cz – the first part is correct, the second one extends it in some way,
    • @wedos.app – correct name, wrong ending, or
    • wedos@nejakadomena.tld – wedos mailbox, wrong domain.
  2. Check the destination of links. The destination of any link for service management or payment should start with the customer administration address, i.e. https://client.wedos.com/. Always check the actual destination of the link, not just the text you click on. As with step 1, you may also encounter typo-squatted or otherwise fraudulent domains here.

VEDOS never shortens links to the administration. Links such as wds.cz/abcdef or bit.ly/123456 are fakes.

You can find the real address of a link by hovering the mouse over it – the browser usually displays it in the bottom-left corner of the screen.

Sample fake link address
Sample fake link address – the real link (bottom left) leads somewhere else than the link text in the fraudulent email suggests

It is no longer true that fraudulent emails have a sloppy appearance (or are completely unformatted) and poor Czech. Thanks to artificial intelligence, it is very easy to create an email practically for free that, on the contrary, inspires trust with its high quality of appearance and language. However, scammers still favor a high level of urgency – they try to force you to act as quickly as possible so that you overlook warning signs until it is too late.


Checking the status of services

If the fraudulent email nevertheless caused you concern about the status of your services, check them directly in the administration. The easiest way is to check the order list using these steps:

  1. Log in to the customer administration ⧉.
  2. Click Billing in the navigation bar.
  3. Select Orders in the left menu.

In the displayed list of orders, you can immediately see which service is paid and which is not. More information can be found in the article Billing – Overview of orders and documents.

List of orders in the customer account
List of orders in the customer account

Keep in mind that the domain and Webhosting are separate services. To run a website (and emails), you need both.

If you do not see the service here at all, make sure that:

  • the service is provided by VEDOS,
  • you are logged in to the correct customer account.

If you are unable to find the service, ask support for help ⧉. Provide the name (domain, e.g. wds-test.cz) and type (domain, Webhosting) of the service you are looking for.


Reporting phishing

If you receive a fraudulent email, follow these steps:

  1. Do not click any links or buttons in this email.
  2. According to your mail client instructions, obtain the message header (a sample header and instructions for WebMail can be found here.)
  3. Report phishing through the form. Attach the obtained header, and optionally other materials such as screenshots, the target address of links, and more (if you can obtain them safely).

Getting the email header in WebMail

The email header contains detailed information about the message that can be used when diagnosing problems. In WebMail, you can display it by clicking the arrow on the right side of the block with message information.

We also recommend opening the email in text format in WebMail (see image).

WebMail: Open email in text format with the header displayed
WebMail: Open email in text format with the header displayed

Frequently asked questions

What should I do if we have already entered login or payment details into a fraudulent email?

In the case of login details for the customer administration, change them as soon as possible according to the instructions Administration – Customer account. These instructions also include information about other security methods that can prevent a scammer from logging in to the account even if they know both the username and password.

In the case of stolen payment details, cooperate with your bank, or the police if necessary.