Fraudsters exploit websites for phishing scams

23 August 2023

Scammers are targeting various sites that lack reliable protection as they look for an easier and more efficient way to distribute phishing pages. Due to the lack of support and maintenance on these legacy sites, they become vulnerable to hacking through known exploits, paving the way for phishing attacks. Kaspersky experts shed light on how fraudsters exploit such sites, putting up fake pages that gather private and banking data, ultimately leading to the theft of money under the guise of popular services, including streaming platforms.

According to recent Kaspersky research, fraudsters are focusing their malicious activity on WordPress sites due to their known vulnerabilities. In some cases, cybercriminals may not rely solely on software exploits to breach websites. Instead, they target site administrators with weak passwords or leaked credentials that allow them to gain unauthorized access to the control panel and publish phishing pages. Often, these compromised sites have non-functional buttons on their home pages, so attackers replace the original directories with misleading directories containing phishing content.

The increasing popularity of streaming services has made them a prime target for cybercriminals, who are actively exploiting this trend. Kaspersky experts are constantly discovering phishing pages that mimic well-known streaming platforms such as Netflix, HBO Max, Hulu, Disney+ and others. Among the pages analyzed, some were created fraudulently using old, compromised websites.

These phishing pages feature login forms that resemble those of Netflix, with the URL containing the correct (or modified) name of the targeted streaming service. However, the actual name of the website has nothing to do with the service it is trying to impersonate. This deliberate manipulation is intended to deceive unsuspecting users and trick them into revealing sensitive information.
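The mismatch described above can be checked mechanically by a site owner or hosting provider reviewing URLs served from their own sites. The following is an added example, not code from Kaspersky's research: the brand list, official domains, look-alike folding table, and sample URLs are assumptions constructed for illustration, and it inspects only the path portion of each URL.

```python
from urllib.parse import urlsplit

# Assumed brand -> official domains map (illustrative; extend for your own review).
BRANDS = {
    "netflix": ("netflix.com",),
    "hbomax": ("hbomax.com", "max.com"),
    "hulu": ("hulu.com",),
    "disneyplus": ("disneyplus.com",),
}
# Fold characters commonly swapped in "modified" brand names to one form.
FOLD = str.maketrans({"0": "o", "1": "l", "i": "l", "!": "l", "3": "e",
                      "4": "a", "5": "s", "$": "s", "+": "plus"})

def skeleton(text):
    """Lowercase, fold look-alike characters, drop separators and punctuation."""
    folded = text.lower().translate(FOLD)
    return "".join(ch for ch in folded if ch.isalnum())

def impersonated_brands(url):
    """Return brands named in the URL path while the host is not that brand's."""
    parts = urlsplit(url if "//" in url else "//" + url)
    host = (parts.hostname or "").lower()
    segments = [skeleton(seg) for seg in parts.path.split("/") if seg]
    hits = []
    for brand, official in BRANDS.items():
        if any(host == d or host.endswith("." + d) for d in official):
            continue  # the brand's own site may name itself freely
        if any(skeleton(brand) in seg for seg in segments):
            hits.append(brand)
    return hits

def scan(urls):
    """Map each suspicious URL to the brands it names; hits are triage leads."""
    return {u: b for u in urls if (b := impersonated_brands(u))}

# Constructed sample URLs (reserved .example names, not real observations).
SAMPLE = [
    "https://old-bakery.example/wp-content/netflix/login.php",
    "https://old-bakery.example/n3tfl1x-account/",
    "https://old-bakery.example/shop/disney+/signin",
    "https://help.netflix.com/netflix-support",
    "https://old-bakery.example/contact",
]

if __name__ == "__main__":
    for url, brands in scan(SAMPLE).items():
        print(url, "->", ", ".join(brands))
```

Substring matching will also flag unrelated words that happen to contain a short brand name, so treat the output as a list to review rather than a verdict.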

Users hoping to sign up for a streaming service account unknowingly submit their personal information, including account login credentials and bank details (including CVV). They not only suffer financial losses but also risk exposing their valuable data. In addition, this data is stored in the website's control panel. The existence of web shells facilitates unauthorised access to this information, exposing victims' data to a wider audience.

The recently released SubsCrab app, a startup developed within Kaspersky, offers a seamless solution for tracking subscriptions, simplifying payment reminders and identifying money-saving opportunities. With its user-friendly interface and powerful features, SubsCrab ensures easy subscription tracking, helping users stay organized and financially aware.
