Webmasters Take Bait For Look-Alike Phishing Scam

Cyber fraudsters have recently turned their attention to webmasters in a massive phishing campaign. The latest cyber attack attempts to trick web hosts into giving up credentials needed to administer their sites. The emails have already been sent to customers of the world's most widely used webhosts. These include the services GoDaddy, Hostgator, Yahoo! and 50Webs. All the messages are from a malicious source but claim to come from the hosting service although the subject titles tend to vary.

According to web security experts, admins from at least 90 different web hosts have been targeted. The email reads:

"Due to the system maintenance, we kindly ask you to take a few minutes to confirm your FTP details."

If the bait is taken, victims will be led to a website formatted to look like a page from cPanel, the widely used website administration program.

Once a particular website's address and FTP credentials are entered, the unlucky users will be directed to the host's login page. This is where a webmasters login credentials can be stolen and put in the hands of hackers to potentially administer malware or malicious actions on the compromised website.

In the past year cyber scammers have made a point of targeting website administrators. A web security review in the third quarter of 2009 reports that 5.8 million pages from 640,000 websites have been infected with corrupt code designed to launch malware attacks. At this rate it would be wise for webmasters to take precautionary messures as to be cautions of such phishing scams.

This year (2009) an infection known as Gumblar took over at least 2,000 websites by stealing their administrator credentials. This is further evident of how real this threat is to not only webmasters but the visitors of sites that have been compromised or laced with malware.