Threat Database Adware Rackspace Email Scam

Rackspace Email Scam

By GoldSparrow in Adware

The Rackspace Email Scam is an email campaign executed by threat actors who are looking to hijack cloud access accounts. The threat actors seem to be after accounts managed via Rackspace ( The company offers help in moving infrastructures to the cloud space and managing databases to health-care organizations and e-commerce businesses primarily. The Rackspace Email Scam relies on the good reputation of Rackspace US Inc. and its extensive network of clients to increases its chances of success. Threat actors have been reported to utilize spoofed email addresses, logos copied from, legitimate support ticket layouts, and links to legitimate applications as a means of making their phishing emails believable. The emails in the Rackspace campaign include the Rackspace logo; links to the official iOS and Android OS applications published by the company; as well as a valid support ticket design. The Rackspace phishing message is styled to look like a recently submitted support ticket with the number '30058-ord-0000536,' which offers the following text:

New Ticket
A Rackspace support ticket has been created for your Cloud account.

Ticket #: 30058-ord-0000536
Status Pending Customer
Created 30 December 2018
Cloud Servers
Recipients **********
Affected Devices **********

[View Ticket Details|URL]

Want to manage all your tickets on-the-go?
Download our app to quickly view product status and
communications from Rackspace.

© 2019 Rackspace US. Inc. Support: +1-877-934-0407'

The Rackspace phishing email is likely to feature a subject line that reads 'New Ticket has been created for your Cloud account...' The fake Rackspace support ticket includes a corrupted URL hidden behind the 'View Ticket Details' hyperlinked text. The URL triggers a new browser tab to be loaded, and the users are sent to a fake login page for their account at Rackspace US Inc. Unwary users might fall victims to the Rackspace Email Scam if they are not careful. It is recommended to use a reliable anti-spam service and check if your technical staff has verified the support tickets in your email inbox. Do not interact with questionable emails prompting you to log into your business accounts and be careful when exploring targeted advertisements while at work. If you have been compromised in the Rackspace phishing campaign reach out to the legitimate support center at

1 Comment

Charles Chesnutt Reply

Today I received a new email scam using Rackspace. I did not click on it, however. Would you like me to send you a copy? If so, what email address?

Charles Chesnutt


Most Viewed