Researchers from Sucuri have come across a new phishing campaign that focuses on WordPress sites. This involves sending fake messages about database upgrades in order to eventually cause major problems for website owners and operators.
The attack campaign distinguishes itself from previous phishing campaigns by using an email that resembles a legitimate request from WordPress. The message asks users to upgrade their database immediately. In terms of style, the e-mail is very similar to messages that WordPress usually sends for updates.
In reality, the malicious e-mail tries to encourage victims to press the Upgrade button. The victim is then asked to enter his or her username and password, followed by an entry field for the administrator’s website name and username.
If the attacker succeeds in obtaining the data, they can edit content on the website. It also offers the possibility to infect users with malware. In addition, full access makes it possible to install backdoors so that malicious parties can access them whenever they want. It can lead to a website receiving less traffic, or to the website being blacklisted by search engines.
Sucuri also warns of the human nature of the new campaign. The combination of simplicity and authentic look makes it a risk for WordPress administrators and anyone involved in content creation.
Danger
Security researchers are more likely to warn of the impact of phishing, and this campaign is another example. For example, recent F-Secure research has shown that after forty years, spam is still the most important method of distributing malicious URLs, scams and malware.
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.