Phishing Campaigns Use Free Online Resources, (Wed, Sep 21st)

This post was originally published on this site

A phishing campaign needs some resources: bandwidth, CPU, storage, … For a very long time, a lot of phishing kits have been hosted on compromised servers. The most popular are CMS with weak configurations or outdated. I think that WordPress is the number one in this category. By careful, it does not mean that WordPress is a bad CMS. Most vulnerabilities are introduced through plugins. Once compromised, the phishing kit files are copied on the server and usually are reachable via the /wp-content/ or /wp-plugin/ directories.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.