Threat Intelligence Blog

Posted December 4, 2009

Earlier today, Cyveillance detected attacks targeting Web hosting companies and their customers. As part of one of the attacks, the email below is sent to users:

hosting-phish-email

As you can see, the email asks the user to “confirm your FTP details”. The user is instructed to click on the link in the email that routes him or her to the fake administrator’s Website below:

hosting-phish

On the fake Website, the user is asked to provide login credentials. If the credentials are entered, then the user would basically hand over access to every Website controlled by that specific login. Users can avoid falling victim to this attack by never clicking on the link within the emails and only accessing online applications directly through known Web sites and pages.

Additional Posts

The U.S. Secret Service Electronic Crimes Task Forces

There has never been greater focus on the threat posed by attacks on our nation's infrastructure. ...

Google Search Results Poisoning Extends to Online Pharmacies

Tactic Used to Spread Malware Now Observed Hijacking Users, Pushing Them to Illegal Online ...