Beware of phishing

Fraudulent emails and text messages are regularly circulated, claiming to be from Mediawax. These messages ask recipients to log in or pay a (false) invoice. In reality, these links lead to malicious websites, where login credentials may be intercepted and misused.

The security of your data is our top priority. Therefore, we are happy to inform you about this type of fraud on this page and provide you with practical tips to recognize and avoid phishing.

Has our website been hacked?

Unfortunately, some customers have received phishing emails claiming to be from Mediawax. In reality, these are messages from cybercriminals exploiting our name and image.

Our systems and infrastructure have not been compromised. The phishing messages are completely separate from our environment and are a known form of online fraud. By remaining vigilant and recognizing suspicious messages, we can work together to combat these practices.

How do hackers obtain your data?

Cybercriminals use public data to send phishing emails. If you register a domain name, the associated information is often publicly available through the WHOIS database. Hackers scan this database for domains hosted by Mediawax, putting your domain name on their target list.

Did you know that some commercial websites even sell this data?

Fortunately, there's good news: since 2018, GDPR has ensured that personal data, such as the name and email address of the domain owner, are no longer publicly visible. Note: if you register a domain name under your company name, your company name and email address are visible.

Hackers go even further: using external tools or platforms like LinkedIn, they try to obtain employee email addresses. They then send fake, completely fraudulent emails to generic addresses like [email protected].

Important to know:

• Mediawax does not send these emails.

• WHOIS publication is standard procedure for domain registration, unless you activate privacy protection.

• The senders of the fake emails are entirely responsible for phishing.

• How to recognize phishing

• Check the sender address: it often looks similar to ours, but differs subtly.

• Urgent or threatening language: for example, "Pay now or your domain will be deleted."

• Check links: Hover your mouse over a link to see the real address. If it's not mediawax.be or a trusted domain, don't click.

• Unusual attachments: Never open unexpected files.

What you can do

Report phishing: Forward suspicious emails to [email protected].

Ignore and delete: Don't click on links and don't open attachments.

In short: this has nothing to do with a security vulnerability at Mediawax. It's all about clever tricks by cybercriminals—vigilance is your best defense.

What to do if you've responded to a fake email

Did you accidentally click on a link in a phishing email and log in to a fake page? Then take immediate action to protect your account and data:

1. Reset your password immediately

2. Go to https://www.mediawax.be and set a new password for your customer account.

3. Check all passwords

4. Log in again with your new password.

5. We recommend resetting the passwords for all other user accounts and products via the Mediawax control panel. This includes:

6. Web hosting and FTP accounts

   All mailboxes

7. Credit card details? Contact us immediately

   Did you also enter your credit card information? Then call your bank or Cardstop as soon as possible at 070 344 344 to have your card blocked.

8. Consider filing a police report

9. You can also file a complaint with your local police station against unknown persons.

   By following these steps, you'll significantly reduce the risks and restore the security of your accounts and data.

What happens during a phishing attack?

In a phishing attack, malicious actors attempt to obtain customer data by posing as Mediawax. This usually happens as follows:

Fake emails:

Customers receive an email purporting to be from Mediawax, for example, about renewing or paying for a product.

Malicious sender:

These emails are not sent by Mediawax, but by third parties who misuse our name and logo to create a phishing message.

Random recipients:

The emails are sent to various addresses, such as info@, webmaster@, or personal email addresses, of domains registered with Mediawax.

Use of public data:

The senders collect lists of domains via public WHOIS information. This means that the phishing emails do not come directly from Mediawax.

Login request:

The email asks users to click a link to log in and supposedly confirm their identity.

Fake websites:

The link leads to a website that accurately mimics the Mediawax login screen, but is not hosted by Mediawax.

Logging in risks:

Anyone logging in to this fake website is actually providing their login credentials to a malicious actor. These credentials can then be misused to:

Improperly log in to the customer account

Change or remove services

Place orders or manipulate payments

Fake invoices and payment requests:

Sometimes these emails also request payment of a fake invoice and credit card information.