glow-desktop glow-mobile glow-tablet bg-header banner pattern banner pattern

# Get Sorted



or browse the Help Centre by category


Email phishing and spoofing


NEVER give out your payment details or personal information unless you are on a secure website with a trusted vendor.

What is phishing?

Phishing is the fraudulent practice of sending emails disguised as a reputable and trustworthy company with the intention to persuade individuals to reveal their personal details such as passwords or credit card information.

The email usually notifies you that your account has been compromised and you need to respond immediately by clicking on the link or attachment provided.

Why do people do it?

People who perform phishing scams are cybercriminals who are attempting to steal your money or your sensitive information.

They use tricks and techniques to deceive individuals into giving out their information. It is easy for these scammers when users are not knowledgeable.

What is email spoofing?

It is the forgery of email headers to mislead the recipients about the origin of the message. Another phishing technique.

When you look at an email address in your email program (Outlook/ Thunderbird/ Mac mail), you are not seeing the true email but only the sender, the recipient/s, the subject and the body of the email. Your email software displays who an email is from in the “From” field. However, no verification is performed and therefore your email software has no way of knowing or validating if an email is actually from who it says it’s from.

When an email message is sent, there are two pieces of information sent in the headers during the initial connection which is not visible to the end user, this loophole is exploited by scammers in electronic mail, a concept well known as email spoofing in computing.

How to prevent email fraud and identify a potential phishing scam

Phishing scammers will use designs that look very similar to the company they are trying to imitate.

What to look for when trying to recognise a phishing/scam mail:

  • An unfamiliar or unusual email address that the mail was sent from.
  • Bad spelling and grammar.
  • The language used in the mail will make the request seem very urgent and require you to act immediately.
  • Usually a call-to-action request, such as click this button or open the attachment.
  • Be very cautious with your personal information including your username and passwords. Do not share this information.
  • Legitimate businesses will not send you an email asking for your login or sensitive personal information.
  • Verify the reply-to address.
  • A generic greeting is usually used and is not addressed specifically to you. The email might open with a generic greeting such as “Dear Sir or Madam” or "Dear User" and may sign off with something generic such as “Regards, the Team”.
  • Add an SPF record to prevent scammers from spoofing your domain.
  • An unfamiliar URL or web address is used.
  • The contact information is inconsistent and looks different.
Creating an SPF record 

You can find out more about How to create and add an SPF record to your domain to prevent scammers from spoofing your domain.


If you suspect you have been targeted or have unknowingly clicked on links that are unfamiliar contact your bank for advice.

Afrihost will alert you if your ClientZone details have changed. Make sure you act immediately if you receive such an alert without having requested changes.

Scammers may vary their approach and designs, here is an example of what to look out for:
Example of phishing
Example of phishing
Example of spoofing

As these scammers continue to evolve their attacks to infiltrate your data through techniques such as a scam phone call, SMS, or malicious code installed on your computers that redirects you to a fake website, it is advisable to have security software such as antivirus protection to defend yourself from any attacks.

Prevent email fraud. 

Please read our Help Centre article to know more about How to protect yourself from email interception fraud and better protect yourself from potential scammers.

Suspicious activity? 

If you suspect any suspicious activity on your domain account, please notify our security team immediately so the threat can be investigated and removed.

Password security 

It is important to create a strong and secure password.
Use a minimum of 10 characters. Include uppercase, lowercase, numbers and use at least one special character (eg: =~_{} @^&>*) in the password.
Do not include a username or your name in the password.

Afrihost Network Status

See the status of our broadband, mobile and hosting networks

For more details, visit our Network Status Page

ClientZone - just like magic

Manage products  .  Make payments  .  Check balances  .  Top up your account

Manage Products
Make Payments
Check Balances
Top Up your Account