I’m sure we’ve all received a notification email telling us that there’s a scan waiting. This particular email sent via compromised WordPress sites (as is often the case) contains an extra surprise and might have led to your users’ details being available to anyone with the necessary Google-foo skills…:
Operators of a phishing campaign targeting the construction and energy sectors exposed credentials stolen in attacks that were publicly viewable with a simple Google search.
On Thursday, Check Point Research published a blog post describing the campaign, in which stolen information was dumped on compromised WordPress domains.
The recent phishing attack began with one of several fraudulent email templates and would mimic Xerox/Xeros scan notifications including a target company employee’s name or title in the subject line.