New cybercrime phishing attempt against WordPress and webmail users. The lure is a supposed change of IP, that requires a confirmation of the account. This passes through a fake page. The objective is to steal credentials

New phishing attempt on WordPress and webmail users. There aere some emails on the wild on a supposed IP that has changed, sent to owners of websites hosted by the blogging platform. Inside, cybercrime actors ask victim to confirm the account, otherwise it will be blocked to prevent fraudolent activity. So, users are invited to click a link, that formally redirects to a login page. But in facts, it leads to a fake webmail page. Tha objective is to steal credentials. The site is owned by a third party, that has no links with WordPress or webmail.

The email with the IP lure

The fake login page

The real owner of the website