
PyPI developers and maintainers are being targeted by digital scammers in an email phishing campaign.

Several PyPI developers and maintainers have fallen for phishing scams run by digital scammers. The malicious campaign was disclosed by Adam Johnson, a project board member at Django, who received one of the suspicious emails.

“The phishing site looks fairly convincing”, Johnson explained. “But as it’s on Google Sites, there’s a floating ‘info’ button at the bottom left. Clicking this allows you to report the site as a phishing attack, which I’ve done.”

The attackers trick users into going through a bogus ‘validation’ process, supposedly required to keep their packages available on PyPI. Victims who follow the link unwittingly enter their credentials on the attackers’ page and hand over access to their accounts.

Email phishing scams are surging. In a recent survey by security firm Ironscales, 81 percent of organizations reported facing at least one phishing attempt.

PyPI actively removes hijackers and ups security measures

Business leaders should pay serious attention to cybersecurity, as attackers keep finding new and convincing approaches to email phishing.

PyPI is identifying the hijacking tactics in use and removing the malicious uploads. It found and removed malicious releases of ‘spam’ (versions 2.0.2 and 4.0.2) and ‘exotel’ (version 0.1.6). It also told users that it had identified and removed ‘several hundred typosquats’ matching the same pattern.

“We’re actively reviewing reports of new malicious releases and ensuring that they are removed and the maintainer accounts restored”, PyPI said. One way of protecting yourself from phishing attacks is checking the page URL before entering your PyPI account credentials.
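As an added illustration of the URL check recommended above (example code written for this page, not from the article or from PyPI), the Python function below decides whether a link really points at pypi.org before a user types credentials, rejecting the usual lookalike tricks: a page hosted on another site, pypi.org used as a subdomain of another host, userinfo before an ‘@’, a non-HTTPS scheme, and internationalized or punycode hosts. The sample links are constructed.

```python
from urllib.parse import urlsplit

# The only domain that legitimately serves the PyPI login flow.
GENUINE_DOMAIN = "pypi.org"


def is_genuine_pypi_url(url: str) -> bool:
    """Return True only for an https link whose host is pypi.org or a
    subdomain of it; every lookalike is rejected."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    if parts.scheme.lower() != "https":
        return False
    # urlsplit treats anything before '@' as userinfo, so a link such as
    # https://pypi.org@evil.example/ yields hostname 'evil.example'.
    host = parts.hostname  # lower-cased, port stripped
    if not host:
        return False
    # pypi.org is plain ASCII: refuse IDN lookalikes and punycode labels.
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        return False
    return host == GENUINE_DOMAIN or host.endswith("." + GENUINE_DOMAIN)


def triage_links(urls):
    """Classify a batch of links from a suspicious email as ok or SUSPECT."""
    return {u: ("ok" if is_genuine_pypi_url(u) else "SUSPECT") for u in urls}


# Constructed sample links, loosely modelled on an email that asks a
# maintainer to 'validate' a package.
SAMPLE_LINKS = [
    "https://pypi.org/account/login/",
    "https://PyPI.org/manage/projects/",
    "https://sites.google.com/view/pypi-validation/",    # page hosted elsewhere
    "https://pypi.org.validation-portal.example/login",  # pypi.org as a subdomain
    "https://pypi.org@validation-portal.example/login",  # userinfo trick
    "http://pypi.org/account/login/",                    # not https
    "https://pypı.org/account/login/",                   # dotless-i lookalike
]

if __name__ == "__main__":
    for link, verdict in triage_links(SAMPLE_LINKS).items():
        print(f"{verdict:8} {link}")
```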

Furthermore, PyPI is introducing additional security measures to prevent further scams and threats. “We’re also working to provide security features like 2FA more prevalent across projects on PyPI”, the company said.