top of page
Search

Phishing Emails Are Getting Sloppy: Real Example Breakdown

I recently received an email claiming my website was about to be suspended. The message claimed to be from Wix, my website host, and used a strong sense of urgency to try and get my attention.

Naturally, I took a closer look. And honestly… it was pretty funny.


Phishing email claiming to be from WIX
Phishing email claiming to be from WIX

We can start from top to bottom of the email. You can see its a "Compliance Notice"

Looking at the sender, it comes from

wixreportsystem.help@gmail.com

Yes really, sent from a Gmail domain. First red flag is the obvious fake email. Any legitimate business will use their own domain to send emails. (in rare cases otherwise stated, but this is uncommon)


The email is sent specifically to my support email (support@cybercorks.com) which means they likely grabbed the first public email they could find. Wix would contact me through the email that owns the domain, not my support email.


The email refers to me as "Cybercorks" my website domain. While Wix knows my real contact info and name. We haven’t even reached the actual content yet, and we’ve already identified three red flags.


Now getting to the juicy content of the phishing email itself. I am not meeting "compliance standards" due to a "technical issue" which would, in theory, be an issue on their end if it were legitimate.


"repeated violations" will lead to suspension, even though its a technical issue. So apparently repeated technical issues on their end are now grounds for suspension.


At this time, your website's compliance level is at 54.3%

They even throw in a random percentage, like it’s a video game completion stat.


which is below our recommended standard of 99.9%.

"recommended standard"

That phrase alone doesn’t make sense. A standard is something you are required to meet, while a recommendation is optional. Mixing the two is logically inconsistent and a common sign of low-quality or fraudulent messaging.


They then claim to be the support team, contacting me through "reportsystem".


let us know if you would like support from our team

Translation:

“Please reply so we can scam you”


I will say the grammar and punctuation is good, until the very end where they add a random period for seemingly no reason.





What You Should Do


Now I do find this very funny and ironic, considering how this is sent to a site that prioritizes cybersecurity. But, it is important to know these phishing attempts still work on people, and are not always as poorly made as this.


Always remember:

  • Do not respond to suspicious emails

  • Never click unknown links or download attachments

  • Mark the email as spam

If you're unsure, contact the company directly using their official website, not the email you received.


How Did They Get the Information They Have?


My support email is listed on my site, while the name they used is simply the website domain. They likely have a bot script that grabbed the info and formed a fake email automatically with no human interaction.


Takeaway

Remember to practice good cyber hygiene to stay safe online. Emails will not always be obvious, but it becomes easier to identify the more you learn.


This email has nothing to do with Wix. Phishing attempts like this are common and are created by third parties, not the platform itself.





Comments

This site contains affiliate links in some articles. If you make a purchase through one, we may earn a small commission at no extra cost to you. Our opinions remain our own.

Privacy Policy

bottom of page