Free Class | How to Build a Website That Works While You Sleep!

Watch Now

Topics

Quick Links

Main Support Page

Send Us a Message

Verify Emails About Your Website Are Legitimate

As a website owner, you’ll likely receive many emails related to your site. Some will be important notices, while others may be spam or even phishing attempts, where bad actors try to get personal information, credit card details or login information. Knowing how to tell the difference will help you protect your business, your visitors, and your personal information.

Here are the key things to look out for when going through your inbox.

Who Is the Email From?

Check the sender’s address carefully

Legitimate messages from Oh My Hi will always come from one of the following email addresses:

  • @ohmyhi.com
  • @mail.ohmyhi.com
  • @notices.ohmyhi.com

To verify the from address, inspect the from name and email address in the header of your email. A legitimate email from us will use a from email address included above.

Spammers may use addresses that appear similar at first glance (for example, [email protected] or [email protected]).

How This Applies to Other Products and Services You Use

This same strategy applies for other products and services you use as well. For example, we get a lot of spam and phishing emails from people pretending to be Facebook or Meta. Facebook’s help article details all the legitimate email addresses they use to make it easy to spot when it is a fake Facebook email.

Below is an example of a fake Facebook email we received. You can see they are pretending to be from Meta (Facebook’s parent company), but the from email address is a free Gmail address.

What Is the Email Asking You to Do?

Legitimate emails usually provide updates, reminders, or information. If action is required, it will be something straightforward, like logging into your existing account.

Suspicious emails often try to create urgency (“Your account will be deleted in 24 hours!”) or ask you to click a link, download a file, or share sensitive information such as passwords or payment details.

If it is a suspicious email or it is from someone you don’t know, DO NOT CLICK ANY LINKS. If you have any questions, reach out to the company directly through their website and published support channels. You can always send us a message here.

Check the Links Before Clicking

Verify the link destination before clicking any links. To verify the destination you can hover your mouse on desktop (or press and hold on mobile) over any link to preview where it goes.

Legitimate links to Oh My Hi will point to ohmyhi.com or a subdomain like crm.ohmyhi.com, or your Oh My Hi website’s actual domain.

Suspicious links may look similar but actually lead elsewhere (e.g., ohmyhi-security-check.com).

Look for Signs of a Scam

Here are some of the common signs of a scam in email content:

  • Poor spelling or grammar.
  • Generic greetings like “Dear Customer” instead of your name.
  • Unexpected attachments (legitimate emails from Oh My Hi will never send you .zip or .exe files).
  • Threatening language or offers that seem too good to be true.

When in Doubt, Don’t Click

If you’re unsure whether an email is real:

  1. Do not click on any links or download attachments.
  2. Log in directly to your Oh My Hi account from your browser — not through the email.
  3. Forward the suspicious email to [email protected] and ask us to confirm.

Remember: Oh My Hi will never ask for your password by email. We’ll also never pressure you to take immediate action or threaten to shut down your site without prior notice.

Scam, Spam and Phishing Examples

Critical Website Services / Recommendations

These emails are typically just spam (not necessarily dangerous), but they are annoying if you get a lot of them. These generally involve people telling you there are critical issues with your website or some other issue that they can help you solve. You can safely delete these emails or mark them as spam. I would not reply because then the sender knows the email address is legit and could send more emails.

Here are the spam identifiers:

  1. Free email address used (@outlook[.]com)
  2. Language about critical issues, urgent issues or some sort of problem with your site or business

IT Management Services

See the example scam email below. Here are the ways to spot it is not a legitimate email.

  1. From an unrecognized domain name (@neten[.]info)
  2. Critical/urgent warning with action required
  3. Salutation with email address rather than actual name
  4. Random HTML code in the middle of the text
  5. Buttons lead to suspicious URLs

Facebook / Meta Intellectual Property Violation Notice

Red flags to identify this email as a scam:

  1. From a free Gmail address (@gmail[.]com)
  2. Critical/urgent warning with action required
  3. Threatening language telling you to take action
  4. Button leads to a suspicious URL

Summary

Always check who an email is from, what it’s asking you to do, and where its links lead. Legitimate emails will never ask for your password, and won’t pressure you with threats or urgent deadlines. If something feels off, don’t click — instead, log into your account directly or contact [email protected] for confirmation.

Already a customer? You’re in great hands.
New here? Join Oh My Hi and enjoy peace of mind knowing your site is secure, backed up, and always being watched over. We also have real humans (not AI bots) ready to help with our weekly live, and fast email, support.