Share your valuable feedback, comments or suggestions on Phishing Attacks Victimized Websites

Phishing Attacks using Victimized WebsitesThe hackers do a mass mailing with website link of to phishing file. The attacker appears as a legitimate sender, using the hacked website to create a phishing attack. The hacker might create a link to steal the vital credential data of the people logging to the website. The website owner comes to know about this when they get mail from hosting provider that there account would get closed if they do not take prompt action. Such emails cannot be ignored as phishing is a serious issue and can bring financial loss to people clicking on compromised links.

Entire business gets compromised when a website gets hacked, resulting in fraudulent online transactions or wire transfers. The hacker creates page looking like original commercial website page and asking the user to login providing access to financial or other sensitive information.

Latest News – Victimized Websites

  • (October 04, 2018) Cybercriminals exploited CloudFlare’s IPFS Gateway for Phishing Attacks taking advantage of Azure Blob storage solutions for malicious activity. It enabled the phishing URLs seems legitimate with an SSL certification issued by Cloudflare, to lure unsuspecting internet users into putting in their private data on unsecured websites.
    IPFS is peer-to-peer or distributed file system allows to share files throughout the networked file system.
  • (October 04, 2018) The security firm Netlab revealed widespread infection of around 100,000 Internet routers in South America by the malicious code named GhostDNS. The script replaced router settings, replacing them with an alternative DNS service Rouge.
    The hijackers redirected traffic to carry out phishing attack by creating mimic landing pages for major banks, telcos, ISPs, media outlets, and even Netflix.
    The Netlab tracks the infection progress and its inner working and contacted service provided to shut down the network, which was running phishing scheme unopposed since mid-June, 2018