Wordfence cybersecurity experts: The flaw affects versions 1.5.1 to 1.6.0. Update the plugin now!
Malware Hunter JAMESWT Technical Analysis
Global phishing campaign via full mailbox and pending messages. Objective: to steal the email credentials from a fake provider login page, set on the victim’s account
The nearly full mailbox and 19 pending messages are the new lures for a global cybercrime phishing campaign.
The link in the email points to a fake provider login page, set on the victim. The password request, in fact, is already set on the account to which the malicious message was sent.
However, if you enter any combination, it will still be wrong.
The goal of the operation is to steal the victim’s email credentials.