Friday, May 9, 2025
No Result
View All Result
Bulletin Point - Daily Independent News
  • World
  • Politics
  • Business
  • Science
  • Tech
  • Health
  • Sports
  • Entertainment
  • World
  • Politics
  • Business
  • Science
  • Tech
  • Health
  • Sports
  • Entertainment
No Result
View All Result
Bulletin Point - Daily Independent News
No Result
View All Result
Home Tech

Phishing Scam Leaves over 1,000 Compromised Passwords Accessible in Google Search

by Pablo Luna
January 22, 2021
in Tech
0
Phishing Scam Leaves over 1,000 Compromised Passwords Accessible in Google Search
0
SHARES
10
VIEWS
Share on FacebookShare on Twitter

Fraudsters behind a phishing scam that focused on employees of companies in the construction and energy industry had their plans ruined when they carelessly left the passwords they stole on WordPress-hosted domains, making the credentials accessible to everyone via Google search engine. A team of researchers made the discovery of the stolen credentials on Thursday.

The fraudsters sent different formats of scam emails to employees of targeted companies, going to different lengths to make the emails look genuine. The emails often included the employees’ names and titles and looked like notifications from Xeros.

One thing the recipients of the email could not have known is that the emails had an HTML file that was coded to steal users’ passwords and other login credentials. The attackers were able to infiltrate Office 365’s ATP filtering. More than 1,000 victims that were employees of different companies had their login details pilfered, according to reports.

The attackers also compromised a host of websites hosted on WordPress. It was on these websites that they stored the stolen credentials and processed each as they received them. This step made the stolen credentials available to anyone that had access to the Google search engine since the websites are indexed by Google, Zdnet reports.

The team stated that the attackers knew their websites would most likely be flagged by security filtering, so they hijacked the websites for their good reputations with security protections.

“They knew the bad reputations of their own websites will make it difficult to bypass security protections, so they opted for websites that have good reputations,” the team wrote.

According to the team’s report published on Thursday, after checking through about half of the credentials that were stored on the compromised websites, they discovered that the attackers did not limit their attack to employees of the construction and energy industry only, though they showed a preference for them, the team said. The attackers also had stolen credentials from employees in Information Technology, Real Estate, Healthcare, and the manufacturing industries.

The team also discovered that the attackers have been around since at least August 2020. They made this discovery by comparing the emails with ones from another phishing scam from August 2020. They found out that the JavaScript used in the encoding of the emails from the two campaigns is the same.

Source: bleepingcomputer.com

Pablo Luna

Pablo Luna

Next Post
Scientists Discover Fossilized Lair of a Predator That Could Be a Bobbit Worm

Scientists Discover Fossilized Lair of a Predator That Could Be a Bobbit Worm

Recommended

Two Hacker Members of Team Xecuter Face Prison Sentence After FBI Arrest

Two Hacker Members of Team Xecuter Face Prison Sentence After FBI Arrest

5 years ago
Pfizer Says COVID-19 Vaccine Has Been Trialed On 44,000 Without Side Effects; To Be Ready In Weeks

Pfizer Says COVID-19 Vaccine Has Been Trialed On 44,000 Without Side Effects; To Be Ready In Weeks

5 years ago

Popular News

  • CBP Chief Reveals that Twitter Locked his Account over a Tweet about Border Wall

    CBP Chief Reveals that Twitter Locked his Account over a Tweet about Border Wall

    0 shares
    Share 0 Tweet 0
  • Google Sacks Top AI Ethicist Timnit Gebru; Company Insists That She Resigned

    0 shares
    Share 0 Tweet 0
  • China’s City of Qingdao to Test All 9 Million Residents for COVID-19 after 12 Get Infected

    0 shares
    Share 0 Tweet 0
  • Duke of Cambridge, Prince William, was Infected with Coronavirus – Report Reveals

    0 shares
    Share 0 Tweet 0
  • Top Home Remodeling Trends of 2021

    0 shares
    Share 0 Tweet 0
Bulletin Point - Independent News

© 2022 Copyright Bulletin Point. All Rights Reserved.

No Result
View All Result
  • World
  • Politics
  • Business
  • Science
  • Tech
  • Health
  • Sports
  • Entertainment

© 2022 Copyright Bulletin Point. All Rights Reserved.