BleepingComputer reports that Kinsta is having its customers targeted by phishing attacks using fraudulent Google Ads that redirect to pages masquerading as the WordPress hosting provider's official websites in a bid to exfiltrate login credentials for the MyKinsta service.
Individuals who once clicked on the official websites of Kinsta have been lured to click on sponsored sites that impersonate Kinsta's, said the firm in an email alert sent to its customers. "The sponsored websites are dangerous, and you should not click on any links with URLs other than kinsta.com or access fraudulent sites in any way," noted Kinsta, which urged its users to be vigilant of links that do not direct to their sites, as well as activate two-factor authentication to protect their accounts. Such a development comes amid the increasingly prevalent exploitation of Google Ads in phishing schemes, with some of the ads promoting websites masquerading as those for Brave, AnyDesk, Grammarly, and other legitimate software to facilitate the distribution of malware.
TechCrunch reports that major U.S. healthcare revenue and payment cycle management provider Change Healthcare had its systems targeted by a cyberattack on Feb. 20, which resulted in the loss of access across most of the prescription processor's login pages.