In previous years, the WordPress Content Management System (CMS) was labelled insecure because of its long list of vulnerabilities, many of which were easy for attackers to exploit.
Thankfully the WordPress team carried out some big changes to the CMS which significantly improved the security.
However, WordPress (like any other CMS or information asset) is only safe if you keep it up to date.
Over the last couple of weeks, two phishing campaigns have been uncovered which are making use of vulnerabilities in older versions of WordPress.
One of these campaigns is an email claiming that a user’s WordPress database is out of date and must be upgraded. The link sends the user to a fake WordPress login page and then redirects to the official WordPress upgrade page once credentials have been entered. The attackers can then use the harvested login credentials to do whatever they wish, such as changing the appearance of the website.
The other campaign is slightly more sophisticated. Victims receive an email stating that they’ve been “chosen by WordPress to take part in our Customer Rewarding Program. You are the 23rd from 100 unique winners.” The reward is a free copy of the “#1 most downloaded WordPress plugins:” the ‘All in One SEO Pack Pro.’
People who fall for this trick do receive a copy of the plugin, but it contains a backdoor that allows the attackers to modify the site’s index.php page. By modifying this page, the attackers can change the appearance of the site, as well as force visitors’ browsers to download material such as spam and malware.
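Because the backdoor described above works by altering index.php, the practical control is knowing when core files change. The following Python script is an added example, not code from the original post: it records SHA-256 hashes of a few WordPress root files as a baseline and later reports any file that differs or is missing. The watched file list and the sample file contents are constructed for illustration.

```python
import hashlib
import json
import tempfile
from pathlib import Path

# Files in the WordPress root that a backdoor is likely to touch (assumed list for illustration).
WATCHED_FILES = ["index.php", "wp-config.php", ".htaccess"]


def file_sha256(path: Path) -> str:
    """Hash a file in chunks so large files do not need to be read into memory at once."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_baseline(wp_root: Path) -> dict:
    """Return {filename: sha256} for every watched file that exists under wp_root."""
    return {name: file_sha256(wp_root / name) for name in WATCHED_FILES if (wp_root / name).exists()}


def check_integrity(wp_root: Path, baseline: dict) -> dict:
    """Compare the current files against the baseline; status is 'ok', 'modified' or 'missing'."""
    report = {}
    for name, expected in baseline.items():
        path = wp_root / name
        if not path.exists():
            report[name] = "missing"
        elif file_sha256(path) != expected:
            report[name] = "modified"
        else:
            report[name] = "ok"
    return report


def demo() -> dict:
    """Constructed walk-through: baseline a fake site, tamper with index.php, then re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "index.php").write_text("<?php\ndefine('WP_USE_THEMES', true);\nrequire __DIR__ . '/wp-blog-header.php';\n")
        (root / "wp-config.php").write_text("<?php\n// constructed placeholder config\n")
        baseline = build_baseline(root)
        # Keep the baseline outside the web root in real use; a JSON file is enough.
        saved = json.loads(json.dumps(baseline))
        # Simulate the tampering described in the article: extra code appended to index.php.
        with (root / "index.php").open("a") as fh:
            fh.write("<?php /* constructed: injected content */ ?>\n")
        return check_integrity(root, saved)
```

Run the baseline step once after a clean install or update, store the JSON somewhere the web server cannot write to, and run the check from a cron job or after every plugin installation.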
Lesson one – Keep your WordPress installation up to date, and always do it from the WordPress dashboard, not from a link in an email.
Lesson two – Share this information with anyone who has access to your WordPress site.
It’s also important that you train all of your staff on the importance of keeping an eye out for phishing emails. You can do this by providing them with basic information security e-learning.
If articles such as this one interest you, then I suggest signing up to our blog to make sure you don’t miss out on any more.