It’s all about phishing: Fake messages sent out in our name

Fake messages emails phishing

On a regular basis fake emails and text messages are being sent out in our name to some of our customers. In this emails and text messages recipients are prompted to log on or pay a fake invoice. In reality these are fake versions and the login details are sent off to individuals who undoubtably had bad intentions with it.

Because we value the security of our customers and their data, we would like to inform you further about this incident via this page.

Has Combell been hacked? The answer is no

Unfortunately, several of our customers have already received phishing mails. Supposedly from Combell, but in reality from fraudulent cyber criminals.

"Has Combell been hacked?", "Is something wrong with your online security?", "Is my data safe with you?" … We get such worried questions from time to time. It's perfectly normal for observant customers to question these fake emails and/or text messages.. Because vigilance is key.

To answer those questions right away:

  • No, Combell has not been hacked.
  • Yes, Combell is still your ultra-secure and reliable hosting partner.

How did hackers get your customer data? Well here's how:

When you register a domain name, the associated contact details are - by default - publicly available. This is information that anyone can look up in seconds.

Just visit the WHOIS database and you’ll immediately see who owns a given domain name. Hackers regularly scan this database for domains hosted with Combell. That’s how your domain ends up on their list of targets.

And they don’t stop there: there are external tools that can find personal email addresses for anyone in your company - sometimes even via LinkedIn. Once they’ve collected enough addresses, they send their fake but convincing phishing emails to general inboxes like info@yourdomainname.

Ping! You’ve got mail - but it’s a fraudulent one.

As you can see, this has absolutely nothing to do with a security breach at Combell. No way!

Important to know:

  • Combell does not send these emails.
  • WHOIS publication is a standard procedure for domain registration - unless you have activated privacy protection.
  • Responsibility for these phishing attempts lies entirely with the criminals who send them.

How to recognise phishing

  1. Check the sender’s address: it may look like ours, but with subtle differences.
  2. Watch out for urgent or threatening language: “Pay now or your domain will be deleted” is a classic example.
  3. Inspect links before clicking: hover your mouse over them to see the real address. If it’s not combell.com or another trusted domain, don’t click.
  4. Be cautious with attachments: never open unexpected files.

What you can do

  • Activate WHOIS Privacy to hide your personal details.
  • Report phishing by forwarding suspicious emails to abuse@combell.com.
  • Ignore and delete: do not click links or open attachments.

As we speak, Combell is doing everything in its power to put an end to this wave of fraud. We investigate every report! In the meantime, protect yourself and your mailbox by reading the useful information on our website. On this page, you are already at the right place.

What should you pay close attention to?

Always check your address bar before entering your login details. The correct URL you need to see when you are asked to enter your details always starts with https://identity.combell.com/login. Whether you access it via www.combell.com or via my.combell.com, this is the only correct URL for the login screen.

Phishing - correct url of our login screen

The right URL structure is very important. In a recent phishing attack, for example, the URL was http://identity.combell.comauthentify.jgcoudray.fr/combell/index.html. As you can see, part of the correct URL is often taken to make the fake URL as similar as possible to the correct URL. Always check that the URL starts with https://identity.combell.com/login and not a variant.

Phishing - false url of our login screen
Example of a fake url

How can you avoid a phishing attack?

Below, you will find further examples of phishing emails and fake login screens so that you do not fall into the trap.

If you're unsure, don't hesitate to contact us. We know exactly which emails we have sent to you so we can quickly identify fake emails. If you need further information on these fake emails, or if you think you are a victim of this, please contact us as soon as possible.

More tips and tricks

What is a phishing email and how can you tell it is a fake email?

Wat do you need to do when you left behind your login details?

  • If you have received this email, clicked on the link and logged on with your credentials on this fake page, you need to take action immediately.
  • You need to reset the password of the Combell account which you used to log on. You can do this via https://identity.combell.com/forgot-password.
  • With your a-mail address and new password you can then log on again.
  • We strongly advise you to reset all the passwords of your Combell users, and also all passwords of all products that you have with us (webhosting, FTP users, the passwords or your mailboxes, ...).
  • We also strongly advise you to report this incident to support@combell.com. An engineer will inspect your account and might give you more tips and advice to securing your data even more.
  • If you see it fit, you can also file an official complaint at your local police station.

What happens in a phishing attack?

  • Customers receive an email supposedly from Combell, informing them of irregular behaviour on their account.
  • These emails were not sent by Combell but by a third party who used our logo and name to draft a so called "phishing mail".
  • These emails were sent to random email addresses (info@, webmaster@, david@, tom@, ...) of domain names that are registered by Combell.
  • The email prompted users to click on a link and log on to the Combell control panel with their customer details, to verify their identify.
  • In reality, the visitor was redirected to a fake version of our website, which also was not hosted by Combell.
  • When a user would log on to this fake website using his customer credentials, these credentials would most likely be sent off to a malicious person or organization. The details could then be used to illegally log on to a Combell account and alter or delete services and products, place fake orders, ...

What does Combell do about this situation?

  • Combell takes every phishing report very seriously. It is important that our customers tell us what kind of fake emails are being sent.
  • Depending on the number of reports, Combell can decide to inform its customers via social media or even via email.
  • Contact is always made immediately with the company that was used to host the fake website or to send the emails. This means we can often take the fake websites offline within a few hours, but we are dependent on other web hosting providers to do so.
  • Our spam filters are updated as soon as possible to immediately block fake emails on our own servers, should they be sent again.
  • For additional security, we offer two-step verification for your Combell account. If your password ends up in the wrong hands despite all the precautions taken, your account remains protected by the second factor.

Examples of fake emails and text messages

Example smishing (phishing via sms) September 2023
Example phishing mail August 2023
Example phishing mail January 2023
Example phishing mail January 2023
Example phishing mail May 2020
Phishing mail 28 april 2020
Example phishing mail April 2020
Voorbeeld phishing mail december 2019
Example phishing mail December 2019
Example phishing mail November 2019
Example phishing mail November 2019
Phishing voorbeeld mail september 2019
Example phishing mail September 2019
Example false login screen September 2019
Phishing voorbeeld mei 2019
Example phishing mail May 2019

 

Related posts

Everything you need to know about the European Accessibility Act (EAA)

Everything you need to know about the European Accessibility Act (EAA)

  • 27 February 2025
  • Reading time: 9 min

June 28, 2025, is the day: the European Accessibility Act 2025 (EAA) will come into effect across the entire European Union. From then on, many websites and webshops must be...
The US CLOUD Act explained: how to keep your data safe and GDPR-compliant

The US CLOUD Act explained: how to keep your data safe and GDPR-compliant

  • 15 October 2025
  • Reading time: 5 min

One of the most talked-about laws affecting US cloud providers is the CLOUD Act. It compels American companies to hand over data to the US government no matter where that...
“They really pamper us”: how Combell powers Procademy’s learning platform

“They really pamper us”: how Combell powers Procademy’s learning platform

  • 24 September 2025
  • Reading time: 5 min

Looking for a versatile learning platform to share and spread knowledge? Meet Procademy, the most flexible and ISO-certified learning platform in the Netherlands. That makes ultra-secure hosting a must. “Combell...
Combell: The trusted Microsoft 365 partner for Roels Multimedia

Combell: The trusted Microsoft 365 partner for Roels Multimedia

  • 5 September 2025
  • Reading time: 4 min

IT issue? One quick call is all it takes. Clients of Dieter Roels, owner of one-man business Roels Multimedia in Wetteren, know they can always count on him. But when...