× For the latest news regarding our services, please visit status.rebel.com
go back to rebel.com

Rebel Help Center

Articles in this section

How to Identify and Report Phishing Emails (Rebel Plesk Hosting)

Avatar
Israel
Updated
Follow

For our clients using Plesk Web Hosting email, your security is our top priority. Phishing attempts—where attackers impersonate a trusted company to steal credentials—are becoming more sophisticated. To "win every fight," we need to stay one step ahead.
 

1. How to Identify a Phishing Email

Before clicking any link or taking action, perform these three security checks:
 

Check the Sender Address

Do not trust the "Friendly Name" (e.g., "Rebel Support").

  • The Golden Rule: Official Rebel communications will always end in @rebel.com.

  • Pro-Tip: In your webmail, click on the sender's name to reveal the actual email address behind it. If it doesn't end in @rebel.com, it is a scam.
     

Inspect the Links

Hover your mouse over any button or link (without clicking!) to see the destination URL in the bottom corner of your browser.
 

  • Red Flag: If the link looks like https://asendmail.com/rebel.com... or any domain that isn't rebel.com, it is malicious.

  • The Reality: Rebel does not send unsolicited "Account Verification" links.
     

2. How to Report a Scam using Plesk Webmail

If you receive a suspicious email, please report it to us before you delete it. To investigate and take down these fraudulent sites, our security team needs the Email Headers.
 

How to get Headers in Webmail:

  1. Log in to your webmail at webmail.yourdomain.com.

  2. Open the suspicious email.

  3. Look for the "Headers" link (usually located at the top of the message pane near the subject/date).

  4. Click Headers. A window will pop up with the technical routing information.

  5. Copy and Paste that entire block of text into your chat or email support ticket.
     

3. IMPORTANT: The "Cloaking" Tactic (Disclaimer)

Phishing attacks have become highly targeted. Our System Administrators have identified that these specific attackers use "cloaking" technology:
 

  • The "Resource Limit" Trick: If you access the link from a corporate network or a VPN, you may see a message saying "Resource limit exceeded." This is a tactic used to hide the scam from security researchers.

  • The Target: The malicious content is often designed to only appear for users on Canadian residential internet connections.

  • The Trap: If you are at home in Canada, the landing page will look identical to our official login page.
     

Do not be fooled: If the URL in your browser doesn't start with https://www.rebel.com, it is a trap.

4. Contact Us Right Away

If you are ever unsure, contact us through our verified channels:

Related articles

Comments

0 comments

Please sign in to leave a comment.

Contact Rebel Support

service@rebel.com

Live Chat

Live Chat: Every Day 8am-10pm ET

1-866-497-3235