Beware of the Malware 100% SCAM from HostGator & SiteLock

Bed & Breakfast / Short Term Rental Host Forum

Help Support Bed & Breakfast / Short Term Rental Host Forum:

This site may earn a commission from merchant affiliate links, including eBay, Amazon, and others.

dumitru

Well-known member
Joined
Oct 7, 2013
Messages
361
Reaction score
60
Location
Dortmund, Germany
OK, so I decided to share this amazingly frustrating and infuriating experience that I'm going through right now with HostGator, a hosting provider. Some of you might be their customers. It is a longer read, but what happens is actually frightening.
So here's the deal. I've been a HostGator customer for ~10 years. Currently I have 2 accounts with them, for one I pay $110 / year, for another I pay $648 / year, that is $760 total per year for hosting (yes).
Today at 5:17 PM (my time) I get a long email from them informing me that my cheaper account has been suspended for distributing malware. As a developer that's always an alarming thing to happen, as I immediately assume that all my credentials have been compromised across all platforms.
I check my domains associated with this account and, sure thing, all 10 domains (with ~7,000 daily visitors combined) show a parked page (with ads earning money for HostGator).
So I immediately jump back to the email to read what happened, what files were compromised and how to proceed. And that's when Thor's hammer hits me.
Now that 5 hours have passed since my domains are suspended (and their support is even slower than Ben Carson), I was able to put together the timeline of what happened:
1. On 29th of January 2016 (more than 3 weeks ago) a German website that sells "website security services" sends a made-up abuse letter to the Abuse department of HostGator, informing them in a very spammy-worded letter and with bad grammar, that their automated scanner revealed that my domain name "PERHAPS" contains some malware, even though they are not sure. And this third-party German company thinks that HostGator SHOULD NOT disable my account but MAYBE should inform me that MAYBE my domain has some issues. And that I should hire this third-party German service to make an audit of my website.
The letter contains zero information about the alleged malware, about the location, about the file, type of malware, etc. 100% SPAM/SCAM letter.
2. On 23th of February 2016 (today), HostGator suspends my account and simply forwards me the letter from the German company, and adds the following statement at the top of the email:
In order to remove the restrictions we'™ve placed, you must resolve the security issue and remove what malicious content was listed. If you do not believe you can do so on your own, you may use a reputable third-party security service, such as SiteLock, who can be reached directly at 877-563-2849. Please note that repeated reports of malicious content on your account within 60 days of an initial notice will lead to further action being taken, including permanent suspension after failing to professionally clean the account.
Once you have taken steps to secure your account of the reported content, please reply back to this ticket to request review.
This "reputable" third-party security service that they are referring to, SiteLock, is a partner of HostGator and they have been aggressively pushing it on a lot of pages and in multiple support pages. This service costs an extra ~$2-3 / month and basically does what any hosting provider should do by default for their customers - protect their websites from unauthorized access.
HOWEVER, if your website has already been reported as compromised (which mine has), then SiteLock does a clean-up job for a $200 one-time fee.
In the email latter HostGator provided ZERO information about the issue: they can't say what has been compromised, they can't say where the malware is located, they can't say absolutely anything. You know why? Because there is no malware.
Google Webmaster Tools does not report any issues, and usually they are the first ones to catch any mischievous actions.
3. I immediately contacted HostGator live chat, and after about 20 minutes of talking to the support rep I was told that the support rep cannot do a thing, that he has zero access and knowledge of the issue, and that I should do as told - hire SiteLock.
Then I took the issue to Twitter, where HostGator immediately responded about 5-6 times, and in every single tweet all they could say is along these lines: "We don't know what happened, but you should pay SiteLock the $200 and then they will do the job for us".
They also repeatedly told me to scan my website, which I did of course, and there's absolutely nothing there. No recently modified files, nothing.
4. While doing the Twitter thing I also asked some questions and updated the alleged malware support ticket that they created. It has been 5 hours and nothing happened yet.
[h2]
In conclusion: [/h2]
HostGator pushes the services of their partner SiteLock by hijacking and blackmailing their customers into paying the $200 clean-up fee and by signing up with SiteLock for the monthly payments. They do this by creating fictional abuse malware reports or by using them in their own interests.
And if they don't create the abuse reports themselves, they simply suspend any account that gets even fictional and spammy abuse reports. They don't investigate, they don't review, they simply suspend and try to sell a third-party service. And the funny thing is that in their letter to me informing about malware, they also CC'ed it to the email address of SiteLock. So what they also did was share confidential information about their customer with a third-party service, without me wanting that, asking for that or anything else.
The same issue has been reported in the last couple of months here and here.
I'm telling you all of this so that you know to never trust even your hosting companies, whoever they are. Because in an attempt to grab some easy money, they can hijack your websites for made-up reasons and "suggest" using partner services.
Tomorrow I will file whatever complaints that I can with the US and European consumer protection agencies, as this is simply appalling.
Thank you for listening ^_^
 
I'm really sorry and chagrined to hear about all the trouble you're having. Businesses are becoming very bold at taking advantage of people--- This topic could be filed under "What is This World Coming To "
 
Horrible. I sure wish you the best in getting this resolved quickly.
For many of us our websites are our business life line, with out it we are dead in the water.
That is what these deplorable web hosts are hoping for as they think we will quickly do as they say while they hold our sites hostage.
 
Thankfully this account has my non-essential websites, like my personal blog, my wife's blog, etc. If they go offline for a day or two that's no problem.
But I'm thinking about the thousands (if not more) of website owners that get an email like that from their hosting provider (someone who should be on THEIR side) and they trust them by paying this extortion fee. Then they pat themselves on the back by thinking that it could have been worse, and $200 isn't that much to get saved from such a situation.
I wonder which HostGator executive bought a new house or a Lambo from extorted money through this scam...
 
This is ridiculous!! Shows how we have no control even if we think we do. Almost all of my sites are hosted locally so if anything happens like this I would be there pounding on the door.
personally I have never hear good things about host gator and would not use them. I hope you are changing hosting companies before they do it to your important sites.
 
I am so sorry you are going through this. Very scary for those like me who are numbnutz. I have received e-mails in the last couple months from my back-up company telling me to uninstall and then re-install the system. Said my back-up had not been done successfully for a period of time. I deleted the e-mail. I would rather risk going dead than to follow something like that. Since then I got "monthly statements" telling me how many files have been backed up. Assume the uninstall was a scam.
 
How awful. Reminds me of the places that charge you to remove the virus THEY put on your computer. Pure extortion. I can just picture EmptyNest pounding on doors if this happened to her. I've never dealt with anything this bad, but if I did, I think I'd be traveling to the company's headquarters to have a talk with them in person! Of course, they'd call the police then you'd have that expense on top of all the others.
Absolutely ridiculous situation. As a consumer, you know the one weapon you have. Burn them on every review site you can. Tell EVERYBODY!
 
Do I have permission to do a copy/paste of your post on a UK Forum? I would like to warn them also. It is a closed Forum.
 
Do I have permission to do a copy/paste of your post on a UK Forum? I would like to warn them also. It is a closed Forum..
Later in the day I will post an in-depth article on the blog, I think it is better to wait until then and link to the article for all the details, screen-shots, etc.
 
I'm with Gillum. I am so web unsavvy. I wouldn't know what to do--probably sit down and have a good cry. I also just delete stuff without opening if it looks scammy. I figure the legit companies I deal with have my number. They can call if they really need to get ahold of me.
 
OK, so they admitted this was a scam.
I do apologize for the inconvenience as security department review each ticket in the order received or re-opened. Upon reviewing the issue the ticket was escalated to my department. I have had our administrative staff proceed with removing the restriction. I do apologize for the inconvenience as the account was not properly confirmed to be compromised. Please do note that in the cases of third party reports, we take those reports, review the report, then the account and once confirmed to be indeed compromised the restriction is placed though human error can occur.
After reviewing the account and found to be not compromised, the restriction has been lifted. Due to the issue that arose I have also extended the shared hosting package on this account by three months. The previous due date was 5/xx/2016 and it is now 8/xx/2016.
These ***********ers think they can buy me with 3 months of hosting.
 
I'm with Gillum. I am so web unsavvy. I wouldn't know what to do--probably sit down and have a good cry. I also just delete stuff without opening if it looks scammy. I figure the legit companies I deal with have my number. They can call if they really need to get ahold of me..
In my case this email was as legit as it can get, because they actually suspended my account. They didn't just try to trick me into buying something - they actually hurt me and my websites.
The situation can be compared to something like this: one day the police arrests you in the street and immediately sends you to jail, without a trial. And while you are in prison, they tell you to figure this one out, to try and find out why you got to prison, and buy your way out of it.
 
Well, apparently SiteLock and HostGator are actually owned by the same corporation (EIG). This corporation owns about ~150 web hosting services from all over the world. So chances are that some of you are hosted with their other companies, if not HostGator.
And I JUST got the expected email from SiteLock, telling me that my site probably has malware and that I should urgently call them up. So they are late to the party...
 
Unbelievable! Though I'm sorry this happened to you - I'm glad that somebody with your knowledge and expertise has called them out on this scam. I'm sure the vast majority of people just thank their lucky stars that there is a safety net who will take their money and blindly pay the slimy thugs.
This story needs to go viral!
 
Unbelievable! Though I'm sorry this happened to you - I'm glad that somebody with your knowledge and expertise has called them out on this scam. I'm sure the vast majority of people just thank their lucky stars that there is a safety net who will take their money and blindly pay the slimy thugs.
This story needs to go viral!.
I just shared the link with a group 3000 web developers! That might get some reactions going :)
 
Unbelievable! Though I'm sorry this happened to you - I'm glad that somebody with your knowledge and expertise has called them out on this scam. I'm sure the vast majority of people just thank their lucky stars that there is a safety net who will take their money and blindly pay the slimy thugs.
This story needs to go viral!.
I just shared the link with a group 3000 web developers! That might get some reactions going :)
.
This has been the general consensus from those who read by post:
"Hostgator is one of the worst hosting companies on Earth. My Wordpress clients who host there are always subject to throttling, suspensions for 'resource abuse' and other rubbish. Typical of 'cheap' hosting companies shoving 1000's of sites onto underpowered servers."
 
Unbelievable! Though I'm sorry this happened to you - I'm glad that somebody with your knowledge and expertise has called them out on this scam. I'm sure the vast majority of people just thank their lucky stars that there is a safety net who will take their money and blindly pay the slimy thugs.
This story needs to go viral!.
I just shared the link with a group 3000 web developers! That might get some reactions going :)
.
This has been the general consensus from those who read by post:
"Hostgator is one of the worst hosting companies on Earth. My Wordpress clients who host there are always subject to throttling, suspensions for 'resource abuse' and other rubbish. Typical of 'cheap' hosting companies shoving 1000's of sites onto underpowered servers."
.
Any suggestions of a desirable hosting company? I'm not with Hostgator, but looking to change from my present folks.
 
Unbelievable! Though I'm sorry this happened to you - I'm glad that somebody with your knowledge and expertise has called them out on this scam. I'm sure the vast majority of people just thank their lucky stars that there is a safety net who will take their money and blindly pay the slimy thugs.
This story needs to go viral!.
I just shared the link with a group 3000 web developers! That might get some reactions going :)
.
This has been the general consensus from those who read by post:
"Hostgator is one of the worst hosting companies on Earth. My Wordpress clients who host there are always subject to throttling, suspensions for 'resource abuse' and other rubbish. Typical of 'cheap' hosting companies shoving 1000's of sites onto underpowered servers."
.
Yes, that's the general consensus. Though for me, as an old customer, everything worked quite well. The occasional down-time, the occasional email problem, but never scams in broad daylight.
I guess they have a team of people that manually pick "victims" for this scam, and someone screwed the pooch and picked the wrong customer to target. I bet they usually contact customers with outdated websites, non-developers, etc. and hope for some easy money.
Just Googling "SiteLock review" you will get hundreds and thousands of pages of angry people. Most people say that after the initial contact SiteLock was trying to charge them in the range of $1,800 for the clean-up, but a generous manager always offered a discount, down to ~$800-$1,200.
What actually got me so angry is not the scam attempt, but the fact that I had to lose almost 2 full days of work, including an evening not spend with my wife and son. I don't want to go to bed at 01:30 AM because I'm worrying about HostGator's scams :(
And then they try to buy me out with 3 months of service... THEIR service.
 
Back
Top