While a temporary URL is safe if the server name is the domain of the web hosting provider or its server IP address, and if the username is that of the user’s account, some web hosting providers do not configure them properly. Instead, they allow the use of any domain name that resolves to the aforementioned IP address.
In doing so, they open the door to all sorts of phishing attacks, such as: registering or hacking a cheap account on a shared server; placing malicious files in subdirectories; compiling a list of third-party sites; accessing their own virus-heavy pages using third-party domains; and more.
Moreover, this can have a domino effect on sites not directly targeted, as sites have been known to be blacklisted solely because they shared a server with a cyber criminal who took advantage of an unprotected temporary URL.
Protect Yourself From a Poorly Configured Temporary URL
If you want to protect yourself from becoming a victim of temporary URL phishing, your best bet is prevention. Test your URL to see if you can open it using your own domain name, and if you can, contact your provider and ask them to fix the issue–and to move to a new web hosting provider that’s more stern about security if they don’t.
If you have found yourself in this situation and are not sure where to start looking for a new provider, we would recommend looking at our web hosting review section or using our comparison tool to find out which web hosting providers are the most security-conscious.