Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A new phishing campaign is designed to steal FTP credentials from website owners so the fraudsters can set up fake bank websites, a security firm has warned.The messages appear to come from web hosting providers, such as Yahoo, according to researchers at Trusteer. The emails target owners of sites that use cPanel, which offers these hosting providers backend automation software to build assets, such as email accounts and databases. cPanel also oversees FTP account control.The phishers request the FTP credentials of the recipient, according to a Trusteer report."Due to the system maintenance, we kindly ask you to take a few minutes to confirm your FTP details," one message reads. "Please confirm your FTP details by using the link below." Customers of at least 90 hosting providers are being targeted, Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, said in a blog post.The attackers urge recipients to click on a link that leads them to a page that appears to belong to cPanel, asking them to reveal their FTP login information, Trusteer said. If they comply, the thieves use the stolen credentials to upload bank phishing pages to the victim sites. They then launch separate phishing scams dedicated to stealing bank login information."By stealing cPanel login credentials, criminals do not need to use hacking tools to upload content to a website, and therefore can avoid detection until after they have siphoned funds from consumer and business banking accounts," Trusteer CTO Amit Klein said in a statement.Aaron Phillips, vice president of operations at cPanel, told SCMagazineUS.com that the company was aware of the phishing campaign, but declined to comment further.A spokeswoman for Yahoo, one of the web-hosting companies whose name is being leveraged in the attacks, could not be reached.The Trusteer report said companies that fall for the attack face website downtime, due to efforts by banks to have any phishing pages removed, as well as business and reputational harm if the sites are added to phishing blacklists.This news comes on the heels of a Trusteer study released last week that found that roughly half of online banking customers who visit phishing sites give up their login details, which could cost banks millions each year. However, the number of people who surf to these sites is only about 1 out of 100.The company based its findings on a sampling of users that run its browser security service. See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.