Scammers are now targeting various websites lacking reliable protection as they seek an easier and more effective way to distribute phishing pages. Due to the lack of support and maintenance on these old sites, they have become vulnerable to hacking through well-known exploits, paving the way for phishing attacks. Kaspersky experts are shedding light on how fraudsters take advantage of such websites by placing fake pages that gather private and banking data, ultimately leading to money theft under the guise of popular services, including streaming platforms.
According to Kaspersky’s latest research, attackers are focusing their malicious activity on WordPress sites due to known vulnerabilities. In some cases, cybercriminals may not rely solely on software exploits to compromise sites. Instead, they target site administrators with weak passwords or leaked credentials, enabling them to gain unauthorized access to the control panel and publish phishing pages. Frequently, these compromised sites have non-functional buttons on their homepages, so attackers replace original directories with deceptive ones containing phishing content.
The surge in popularity of streaming services has made them a prime target for cybercriminals, who actively exploit this trend. Kaspersky experts are consistently discovering cunningly crafted phishing pages that mimic well-known streaming platforms like Netflix, HBO Max, Hulu, Disney+, and others. Among the analyzed pages, some were deceptively created by using old, hacked websites.
These phishing pages feature login forms resembling those of Netflix, with the URL containing the correct (or modified) name of the targeted streaming service. However, the actual name of the website has no relation to the service it is attempting to imitate. This deliberate manipulation aims to deceive unsuspecting users and trick them into divulging sensitive information.
Phishing page placed inside the “Netflix” directory and imitating the Netflix login form
When unsuspecting users hoping to sign up to a streaming account unknowingly submit their personal information, including account login credentials, banking details (including CVV), users not only suffer financial losses but also risk compromising their valuable data. Additionally, this data gets stored in the site’s control panel. The existence of web shells facilitates unauthorized access to this information, leaving victims vulnerable to a broader audience.
“While streaming services have revolutionized our entertainment habits, it’s crucial to remain cautious in the digital realm. We strongly recommend obtaining subscriptions exclusively from authorized sources to minimize the risk of falling victim to scams. Additionally, explore the availability of subscription manager apps that offer a secure and convenient approach to managing your subscriptions. By leveraging these apps, you can renew your subscriptions safely, maintaining control over your accounts and protecting your sensitive information from potential threats,” comments Olga Svistunova, security expert at Kaspersky.
Subscription management software, like for instance SubsCrub – a startup grown within Kaspersky, offers a seamless solution for tracking subscriptions, simplifying payment reminders, and identifying money-saving opportunities. With its user-friendly interface and robust features, SubsCrab ensures effortless subscription tracking, helping users stay organized and financially savvy.
To learn more about phishing on hacked websites, visit Securelist.com.