How to protect your account in the COVID-19 era

How to protect your account in the COVID-19 era header image

Our customer support agents and fraud team have recently reported an increase in phishing, hacking, and social engineering attempts over the last few months. Bad actors are taking advantage of the turmoil surrounding COVID-19 in an attempt to gain access to confidential information.

We’re doing everything we can to increase security in response to this troubling new trend, but there are several things that you can do as a customer to protect your domains and products from harm’s way. Take these precautions to protect yourself and your account.

1. Update your password

If you have not recently updated your password, or you are using the same password for multiple logins, we highly recommend changing it to something strong, secure, and unique. Make sure your new password includes numbers, symbols, and upper and lowercase letters. If you’re worried about remembering your new password, tools like LastPass or PassPack can save passwords for you in a secure manner.

2. Use additional security measures on your account

We offer several additional security measures for our customers, free of charge. This includes the option to set up two-step verification on your account and hosting, or using Domain Lock Plus to prevent unauthorized transfers and changes to your domains. You can also turn on account alerts that will email you each time a failed login attempt occurs.

3. Do not share your login information with anyone

Even if you believe you are sharing your login information with someone you can trust, it can expose your account to even more risk if their information is compromised. Instead, have a single person take care of account-level activity on behalf of any other website or domain stakeholders. You can also create sub accounts to allow other people limited access to the main account.

4. Do not share confidential information over email or chat

We will never ask you to enter sensitive information like your password, account code, or transfer authorization codes via email or chat. If you receive any messages asking for that type of information, it generally will not be coming from us and is likely a phishing attempt. You’ll also only receive direct phone calls from members of our Support team if you have already contacted us for assistance.

If you are ever unsure if you have received an official communication from us, you can contact our support agents via the official Support link to check.

5. Be patient and follow instructions provided by support agents

It can be frustrating when our customer support agents ask you for details you might not know off of the top of your head. While it sounds great to be given a break “just this once,” social engineering is a common tactic used by bad actors to make unvalidated changes to your account. Take a look at this video to see just how devastating it can be when social engineering works.

Remember, our customer support agents want to help you but must stay vigilant to prevent social engineering from working–and unfortunately, we’ve seen a decisive increase in these attempts over the last few months.

So when a support agent asks you to provide a certain document or piece of information before giving you access to your account, remember that they are doing their due diligence to ensure that they are helping the real you and not an impersonator.

We at are doing everything we can to keep your account as secure as possible. But taking additional precautions can contribute to your peace of mind and prevent the worst from happening.

Thank you, once again, for being a customer!