For Victims — Step-by-Step Guidance
Last updated: May 15, 2026
This page is for people who have been harmed by UltaHost — either by a site UltaHost is hosting, or by UltaHost themselves as a paying customer. Pick the section that matches your situation.
- I was scammed by a phishing site hosted on UltaHost
- My brand is being impersonated on an UltaHost-hosted site
- I'm a paying UltaHost customer — lost money or data
- Support resources for victims of long-con scams
I was scammed by a phishing site hosted on UltaHost
You've lost money or had credentials stolen by a site that turns out to be hosted on UltaHost infrastructure. Time is critical — work through these steps in order.
Step 1: Freeze the financial damage (do this first, within hours)
- Credit/debit card used? Call your bank's 24/7 fraud line immediately (number on the back of your card). Request: (a) freeze the card, (b) initiate a chargeback for the fraudulent charge, (c) issue a new card number.
- Bank wire / ACH transfer? Call your bank within 24 hours and request a recall. Provide the recipient details.
- Cryptocurrency sent? File immediately with Chainabuse (it's how exchanges sometimes freeze stolen funds before withdrawal). Note the transaction hash.
- Login credentials stolen? Change every reused password. Enable 2FA on every account. Check email forwarding rules in your inbox (attackers often add silent forwards).
Step 2: File official cybercrime reports (within 48 hours)
File with the appropriate agency for your jurisdiction:
- United States: FBI Internet Crime Complaint Center (IC3)
- United Kingdom: Action Fraud (or call 0300 123 2040)
- Canada: Canadian Anti-Fraud Centre
- Australia: ReportCyber (ACSC)
- European Union: Your national CERT (find at ENISA)
- India: National Cyber Crime Reporting Portal
- Other countries: Search “[your country] cybercrime report”
Step 3: Report the malicious domain so it gets taken down
- PhishDestroy — they have an active investigation track record on UltaHost specifically
- Google Safe Browsing — gets the site marked as dangerous in Chrome / Firefox / Safari
- Microsoft SmartScreen — for Edge / Outlook
- ICANN compliance complaint — particularly effective for UltaHost given their existing breach record
- Cloudflare abuse — if the site uses Cloudflare proxy
Step 4: Document everything
- Screenshot the phishing site (use archive.org to preserve a permanent record)
- Save all email/SMS/chat communications
- Save transaction receipts and screenshots of bank/exchange records
- Write down the timeline while details are fresh
My brand is being impersonated on an UltaHost-hosted site
A site hosted on UltaHost is impersonating your company, brand, or trademark. UltaHost has a documented pattern of ignoring abuse reports unless you can attach a trademark certificate or court order — so this guide skips the friendly email phase.
Step 1: Document the infringement
- Screenshot the impersonating site (multiple pages)
- Save to archive.org for an immutable record
- Note the WHOIS data (use DomainTools or WhoisXMLAPI) — it should confirm UltaHost as registrar
- Have a copy of your trademark certificate ready (USPTO, EUIPO, IPO, etc.)
Step 2: File a UDRP complaint
The Uniform Domain-Name Dispute-Resolution Policy is the fastest way to get a trademark-infringing domain transferred to you. File with any of:
- WIPO Arbitration Center — most common, ~$1,500 filing fee
- Forum (formerly NAF)
- Czech Arbitration Court (cheapest)
Typical timeline: 2 months from filing to decision. UDRP decisions force the registrar (UltaHost) to act — they cannot ignore a UDRP transfer order.
Step 3: File an ICANN compliance complaint in parallel
ICANN compliance form — file alongside UDRP. UltaHost is already in ICANN's sights due to their February 2025 breach; additional complaints strengthen the case for further enforcement.
Step 4: Notify the hosting layer if Cloudflare-proxied
If the site sits behind Cloudflare, file a Cloudflare abuse report — they will pass details to UltaHost AND will themselves act on impersonation/phishing.
Step 5: Legal escalation if scale warrants
For high-value brand impersonation, retain a domain-law firm. Recognized specialists: Greenberg & Lieberman, Eversheds Sutherland, FairWinds Partners. Costs $5k-$50k+ but can move fast.
I'm a paying UltaHost customer — lost money or data
You bought UltaHost service and were harmed: server hacked with backdoors, data deleted, refund denied, charged after cancellation, or you can't leave because they trapped your crypto in your account balance. Here is the practical playbook.
Step 1: Chargeback (strongest tool if paid by card)
If you paid by credit card and you're within 60-120 days of the charge, file a chargeback with your bank citing:
- “Services not as described” (if the product failed to deliver what was advertised — e.g. PTR records / Port 25 locked behind a $117 upcharge not disclosed at checkout)
- “Service not received” (if the server was never delivered or was deleted)
- “Unauthorized charge” (if you cancelled and were charged again)
Warning: UltaHost's refund policy contains a clause classifying chargebacks as “criminal fraud” and threatens to permanently terminate service plus demand repayment “in full”. This contract language cannot override your statutory consumer-protection rights:
- US: Fair Credit Billing Act — you have 60 days from statement to dispute
- UK: Section 75 Consumer Credit Act 1974 — for purchases £100-£30,000 made by credit card
- EU: Each country's consumer-protection regulator
- Australia: ACCC
Step 2: Crypto payment recovery (harder, but try)
UltaHost's policy excludes crypto refunds entirely — your only recourse is:
- Insist via written communication on a wallet refund, citing the service-not-delivered argument
- If denied, file complaints (Steps 3-5 below)
- Document that you have account credit you cannot use — this becomes evidence in further actions
Step 3: BBB complaint
UltaHost currently holds a D rating from the Better Business Bureau and has unresolved complaints. File at bbb.org/file-a-complaint. BBB complaints become public, harming UltaHost's search reputation and adding to the historical record.
Step 4: State / national consumer-protection authority
- US: Your state Attorney General's consumer-protection division
- US: FTC ReportFraud
- UK: Competition & Markets Authority (CMA)
- EU: Your national consumer-protection ombudsman
Step 5: Small claims court (if amount justifies)
For amounts under $5,000 (US) / £10,000 (UK), small claims court is a viable path. UltaHost likely won't show up for an overseas case, which means default judgment in your favor. The challenge is enforcing the judgment given their four-jurisdiction shell structure — but the judgment itself adds to the public record.
Step 6: Safe migration order (when you leave)
- Back up everything (files, database dumps, DNS records, email)
- Register at a reputable host first (see Alternatives)
- Stand up your new instance and verify it works
- Transfer DNS / point records to the new host
- Wait 48 hours for DNS propagation
- Then cancel UltaHost service
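A check you can run between "transfer DNS" and "cancel": compare the DNS records you backed up from the old host with what the new zone serves, so mail and SPF records are not silently lost. This is an added example, not part of the original guide; it assumes both zones are exported as plain "name TTL IN type value" lines, and the function names and all zone data are constructed for illustration.

```python
# Constructed sample data: example.com and documentation-range IPs only.
OLD_ZONE = """\
example.com.      3600 IN A     192.0.2.10
www.example.com.  3600 IN CNAME example.com.
example.com.      3600 IN MX    10 mail.example.com.
mail.example.com. 3600 IN A     192.0.2.11
example.com.      3600 IN TXT   "v=spf1 mx -all"
example.com.      3600 IN NS    ns1.oldhost.example.
"""
NEW_ZONE = """\
example.com.      300 IN A     198.51.100.20
www.example.com.  300 IN CNAME example.com.
example.com.      300 IN MX    10 mail.example.com.
example.com.      300 IN NS    ns1.newhost.example.
"""

ADDRESS_TYPES = {"A", "AAAA"}   # value is expected to change with the host
PROVIDER_TYPES = {"NS", "SOA"}  # belong to the DNS provider, not migrated


def parse_zone(text):
    """Return a set of (name, type, value) from 'name ttl IN type value' lines."""
    records = set()
    for line in text.splitlines():
        fields = line.strip().split(None, 4)
        if len(fields) < 5 or fields[0].startswith(";") or fields[2].upper() != "IN":
            continue  # blank line, comment, or a format this sketch does not handle
        name, _ttl, _cls, rtype, value = fields
        records.add((name.lower().rstrip("."), rtype.upper(), value))
    return records


def migration_gaps(old_text, new_text):
    """List backed-up records that the new zone does not serve yet."""
    old, new = parse_zone(old_text), parse_zone(new_text)
    new_keys = {(name, rtype) for name, rtype, _ in new}
    gaps = []
    for name, rtype, value in sorted(old):
        if rtype in PROVIDER_TYPES:
            continue
        # Address records only need to exist; everything else must match exactly.
        present = (name, rtype) in new_keys if rtype in ADDRESS_TYPES \
            else (name, rtype, value) in new
        if not present:
            gaps.append((name, rtype, value))
    return gaps


if __name__ == "__main__":
    for gap in migration_gaps(OLD_ZONE, NEW_ZONE):
        print("missing at new host:", *gap)
```

An empty result means every backed-up record has a counterpart at the new host; anything listed should be recreated before the old service is cancelled.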
Support resources for victims of long-con scams
If you've been the victim of a pig-butchering, investment-fraud, or sextortion scam routed through UltaHost infrastructure, the financial loss is only part of the harm. Shame, anxiety, and isolation are normal reactions. You are not stupid; these operations are professionally engineered to exploit normal human psychology.
Free emotional support
- US: AARP Fraud Watch Network Helpline — 1-877-908-3360
- US: Cybercrime Support Network — cybercrimesupport.org
- UK: Victim Support — 0808 168 9111 or victimsupport.org.uk
- Worldwide: Global Anti-Scam Organization (GASO) — specifically for pig-butchering victims
If you're in crisis
- US: 988 (Suicide & Crisis Lifeline)
- UK: Samaritans — 116 123
- Worldwide: IASP Crisis Centre Directory
The financial recovery may be partial, but the psychological recovery is real and possible. Reach out.
Submit your story to us
Sharing your experience publicly (anonymously if you prefer) helps protect future victims. Use the form on our homepage Take Action section. We never share personal information without consent.