Mail Delivery Incomplete Phishing Scam
Well laid out email appearing to be a message from your cPanel telling you of email delivery difficulties. The sender email address has been spoofed to appear to come from your domain name.
This is the email we received
Date: No date
From: deliveryreport@[your domain name] delivery-report@[your domain name]
To: [Name Redacted]
Subject: [AutomĪ±ted] Urgent Attention!!
Notes: The give-away that this is a scam is the click through link address: https://is.gd/R73Y1K#[E-mail address redacted]. cPanel would not make use of a url shortening service such as is.gd.
Also and I have been using cPanel for some time, I have never known cPanel ever delay delivering emails for you to login... they will either deliver (including spam and scam e-mails) or block/bounce emails because of the sender email addresses or non-existing recipient addresses.
Full delivery tracking of emails received and sent can be viewed by logging into your cPanel at the recognised web address.
Recommendation: Delete the email.
And another similar phishing email received sometime later
Date: 27/12/25 17:31
From: Admin Support it@mailgateway.bank.kz
To: [Name Redacted]
Subject: Retrieve all emails before on Saturday, 10 2026
Notes: Seriously, why believe an email supposedly relating to your email account coming from .kz (Khazakistan) unless of course if you live in Khazakistan!
Several typos and errors in the email and wording suggesting sender is not a native English speaker.
Click through web address makes use of the well known Wix platform which offers both free and paid website creation tools and hosting... https://shoutout.wix.com/so/cdPjVb6DK/c?w=BbwfjXqrwIcKBnNqIyWXN29A0coDQf9XQsuHVZOAVHA.eyJ1IjoiaHR0cHM6Ly93ZWJtYW lsLXBvcnRzdXAtaW9naW4uc2JzL0RWUm5vbHVSIiwiciI6IjY0ZWIyOWQ2LWM2M2ItNGI5Yy1 iMzdlLWQ3ZmYxZmQ4OWMxYyIsIm0iOiJtYWlsIiwiYyI6IjAwMDAwMDAwLTAwMDAtMDAw MC0wMDAwLTAwMDAwMDAwMDAwMCJ9
Wix ShoutOut is a tool for sending email campaigns but here it appears to be being misused with hidden redirects as part of a phishing attack.
Seriously again, who should be thinking of clicking on such a link? It is easier to check target site of links if you view emails on a laptop and mouse-over links. You can also copy and paste the link into a new notepad page for detailed inspection.
Recommendation: Delete the email.
Michael Fowler
Other articles by Michael Fowler:
Incoming Emails Blocked Phishing Scam - Michael Fowler
The objective of this email is to panic you into clicking the Verify Me link to release the blocked emails. Clicking on the link you will be prompted to enter your email login details thereby giving scammers access to your account... more >>
Supplier Inquiry Scam - Michael Fowler
If you are a manufacturer of something or a supplier is this a genuine trade enquiry? I think not as the "purchaser" does not specify even in general terms what he might wish to purchase.... more >>
Coinbase KYC Verification Scam - Michael Fowler
Received an email saying that suspicious activity has been observed on your Coinbase account and for safety the account has been frozen. That gets your attention but has Coinbase contacted you or have scammers?... more >>