Expand To Show Full Article
Secure DNS phishing campaign targeting WordPress websites on the rise

TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

Secure DNS phishing campaign targeting WordPress and other hosting providers on the rise

Security researchers have come across a disturbing trend, which highlights the rise in phishing campaigns targeting WordPress blogs and websites. These campaigns try to lure WordPress site owners by promising free Domain Name System Security Extensions (DNSSEC) upgrade.

Secure DNS Phishing Campaign WordPress

New phishing campaign targets WordPress websites

What is Domain name System or DNS, you ask? DNS is a decentralized naming system for resources connected to the Internet. It helps users locate the website’s IP address with a human-friendly rather easy-to-remember name aka URL. For example, www.thewindowsclub.com.

DNS helps web browsers access requested websites without requiring users to enter corresponding IP addresses. However, DNS Spoofing is extremely common these days. In DNS Spoofing, hackers gain control over the DNS database and fill it in with bogus entries, further hijacking web traffic. DNSSEC repels DNS Spoofing.

The DNSSEC essentially protects the existing Domain Name System (DNS) records by adding cryptographic signatures to them, something a website security company Cloudflare also offers.

Attackers are trying to trick WordPress blogs and websites owner into taking the bait and giving up the website’s credentials, courtesy of a coordinated phishing campaign. DNSSEC protocol has been around for over 20 years.

“This scam pretended to come from WordPress itself, and claimed that DNS security features would soon be added for our domain,” said researchers.

“It has typically been a feature used by service providers to help to keep their own DNS databases intact when they exchange data with other DNS servers.”

WordPress blogs or websites may fall for this given the enticing promise, which is about providing them with “Secure DNS.” Once you click the link to get your free DNSSEC upgrade, you will be redirected to a web page that claims to be an “Update Assistant.”

This so-called ‘Update Assistant’ then advises the WordPress website owners to enter their WordPress credentials including the username and password. As is the case with nearly all phishing campaigns, it then shows some fake but believable progress messages.

However, this phishing campaign is clearly not limited to WordPress. It also affects Hostgator and Microsoft Azure-hosted websites. Hackers often have access to details about your DNS and hosting providers, which ultimately allows them to reach out to you.

However, always refrain from signing in via links sent in an email. Plus, make sure to turn on Two-factor authentication (2FA) whenever you can. Password managers also help users avoid entering credentials on the wrong websites.

251 Shares

Date: Tags:

[email protected]

Tanmay loves writing about Technology, Internet, Apps, Social Media, and Cybersecurity. He also tracks OTT video content streaming space and likes to spend his weekends watching plays. You can contact him on Twitter @techtsp.

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap