PayPal and WordPress are Targets in Latest Phishing Campaigns

The latest phishing campaign has entered the scene. This phishing effort targets PayPal users to steal large sets of personal information from victims. The stolen data includes government identification photos and documents.

The phishing pages are hosted on WordPress websites that were hacked as part of a recent campaign targeting WordPress website logins.

More than 400 million organizations and individuals use PayPal for online payment solutions. In the WordPress scam, over 1.6 million sites were scanned for vulnerabilities. The victim data pool that hackers are working with is enormous.

WordPress websites are initially being breached due to weak login credentials. The campaign targets poorly secured website logins using a list of common credential pairs found online. From there, hackers use the access to install a file management plugin. With the plugin, they can upload the phishing kits to the breached WordPress website and target PayPal users on the site.
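An added example, not part of the original article: one way a site owner could look for the sequence described above (many failed WordPress logins, then a successful one, then a plugin install) in web server access logs. It assumes combined-format logs and WordPress's default behaviour of answering a failed login with 200 and a successful one with a 302 redirect; the threshold, function names, plugin slugs and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Combined log format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
INSTALL_ACTIONS = ("action=install-plugin", "action=upload-plugin")

def find_suspect_ips(log_text, threshold=5):
    """Map client IP -> finding for the guess-login-then-install-plugin sequence."""
    failures = defaultdict(int)
    findings = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, method, path, status = m.groups()
        if method == "POST" and path.startswith("/wp-login.php"):
            if status == "200":  # assumption: login form re-rendered = failed attempt
                failures[ip] += 1
                if failures[ip] >= threshold:
                    findings.setdefault(ip, "repeated failed logins")
            elif status == "302" and failures[ip] >= threshold:
                findings[ip] = "login succeeded after repeated failures"
        elif (findings.get(ip, "").startswith("login succeeded")
              and path.startswith("/wp-admin/update.php")
              and any(action in path for action in INSTALL_ACTIONS)):
            findings[ip] = "login succeeded after repeated failures, then plugin install"
    return findings

def _line(ip, method, path, status):
    # Builds one constructed log line; timestamp and sizes are placeholders.
    return f'{ip} - - [10/Jan/2024:03:14:01 +0000] "{method} {path} HTTP/1.1" {status} 512 "-" "-"'

# Constructed sample traffic (documentation IP ranges, hypothetical plugin slugs).
INSTALL = "/wp-admin/update.php?action=install-plugin&plugin="
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", "POST", "/wp-login.php", 200)] * 6
    + [_line("203.0.113.7", "POST", "/wp-login.php", 302),
       _line("203.0.113.7", "GET", INSTALL + "example-file-manager", 200),
       # An admin who mistyped once and then installed a plugin: not flagged.
       _line("198.51.100.20", "POST", "/wp-login.php", 200),
       _line("198.51.100.20", "POST", "/wp-login.php", 302),
       _line("198.51.100.20", "GET", INSTALL + "example-plugin", 200)]
    + [_line("192.0.2.55", "POST", "/wp-login.php", 200)] * 8
)

if __name__ == "__main__":
    for ip, finding in find_suspect_ips(SAMPLE_LOG).items():
        print(ip, "->", finding)
```
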

The fraudulent PayPal sites were made to look very real, fooling victims into thinking they were on a legitimate PayPal portal. The hacker even used htaccess, which allows a URL rewrite. This gives the URL a more realistic appearance that fools victims.

What can we learn from these phishing campaigns? 

  1. Strong passwords matter. Password hygiene is essential on a personal and an organizational level, as we learn from the PayPal and WordPress examples. Here’s how you can make your passwords more secure.
  2. Always use multi-factor authentication. Here’s why using multi-factor authentication is essential for cybersecurity. MFA is one of the single easiest things you can do to improve the IT security of your organization.
  3. Large brands and websites are not exempt from being hacker targets. As the htaccess URL rewrite shows, hackers are skilled at making fake websites look like legitimate brands. Unfortunately, you can no longer trust a website because it is a well-known brand. Always proceed with caution, or check with your IT security team if something looks suspicious.

