Summary: A security issue has been identified by VeriSign where customers may be receiving email messages originating from a verisign.com email address advising them to upload a .php file to their Web server as part of new security regulations.
Recommendation: VeriSign would like to inform you that this message did not originate from VeriSign. Do not load or perform the steps listed in the email message. The email address being used is a spoofed address.
Other Information: VeriSign is investigating the originator of this email and will be taking appropriate actions to stop these messages.
Below is an example of the message:
—–Original Message—–
From: Verisign Inc. [mailto:security.admin@verisign.com]
Subject: Hosting Regular Security MaintenanceDear FDIC valued Members
Regarding our new security regulations, as a part of our yearly maintenance we have provided a security guard script in the attachment.
So, to secure your websites, please use the attached file and (for UNIX/Linux Based servers) upload the file “guard.php” in: “./public_html” or (for Windows Based servers) in: “./wwwroot” in your site.
If you do not know how to use it, you can use the following instruction:
For Unix/Linux or Windows based websites that use PHP/CGI/PERL/ASP:
1) Download the attachment named “guard.php”
2) Login to your site Control panel.
3) Open “File Manager” window.
4) Go through “Public_html” or “htdocs” (for UNIX/Linux Based servers), but for Windows Based server, please Go through “wwwroot” directory.
5) Choose “Upload Files”
6) Upload the file “guard.php”
7) Check its URL too “http://www.yoursite.com/guard.php”, if it is ok
