However, the company warns: Are not a remediation, nor are they full protection against attack. The APTs threat is still active.
New cybercrime phishing attempt against WordPress and webmail users. The lure is a supposed change of IP, that requires a confirmation of the account. This passes through a fake page. The objective is to steal credentials
New phishing attempt on WordPress and webmail users. There aere some emails on the wild on a supposed IP that has changed, sent to owners of websites hosted by the blogging platform. Inside, cybercrime actors ask victim to confirm the account, otherwise it will be blocked to prevent fraudolent activity. So, users are invited to click a link, that formally redirects to a login page. But in facts, it leads to a fake webmail page. Tha objective is to steal credentials. The site is owned by a third party, that has no links with WordPress or webmail.
The email with the IP lure
The fake login page
The real owner of the website