Study finds hosting providers offer phishing paradise

Share this article:

Hosting providers are the new target for phishing attacks, according to a study released Thursday.

The Anti-Phishing Working Group (APWG), an international consortium that serves as a clearinghouse for phishing attacks, reported its findings from the second half of 2012. It found that 47 percent of all phishing attacks involve shared web hosting, like WordPress or Joomla.

Rod Rasmussen, co-chairman of the APWG's internet policy committee and the CTO of security firm Internet Identity, said phishers typically compromise one person's website, and they use "various tricks" to gain access to the main web server, which yields a universal directory of sites hosted as part of that shared server space. Then, using some commands, the attackers are able to install a phishing page on every one of those trusted sites.

"All you need to do is to get into one account on the server, and you can compromise the rest," Rasmussen said.

Saboteurs prefer this tactic because it helps them avoid detection.

"It often passes the muster through the anti-spam vendors because the domain [the phishing page is] appearing on has been around for a while and has a decent reputation, " he said.

Rasmussen said companies like WordPress can help users avoid this fate by enforcing strong passwords and providing regular updates.

Share this article:

Sign up to our newsletters

More in News

Attackers compromise Gizmodo Brazil

Trend Micro is investigating whether a vulnerability was used to compromise Gizmodo Brazil and a logistics firm hosted by the same ISP.

Paddy Power breach impacting 650K customers dates back to 2010

Nearly 650,000 Paddy Power customers who made an account prior to 2010 had data compromised in a breach.

Leahy bill would end bulk data collection, introduce reforms

Leahy bill would end bulk data collection, introduce ...

Sen. Patrick Leahy introduced an NSA reform bill that would update the USA Freedom Act.