A WordPress hosting company is warning its users that they’re being targeted by cybercriminals looking for their login credentials.
Kinsta sent out alerts to its customers warning them of a malicious Google ads campaign redirecting visitors to a fake Kinsta website, asking them to log in for different reasons.
By “logging into” these fake websites, the victims would be providing their login credentials to the attackers, which could then be used to take over the websites.
Staying safe
Besides the malicious Google ads campaigns, the company also warned of phishing attacks, saying Kinsta users could start getting emails impersonating the company and providing links to fake login pages.
While Google usually does a good job of keeping its advertising network clean, sometimes criminals manage to squeeze through - mostly by breaking into previously verified accounts with multiple successful campaigns. There are many ways threat actors could use the stolen websites, too, from stealing sensitive information (login credentials, for example), to serving even more malicious ads, to hosting malware, and more.
Kinsta said it’s "actively identifying" and shutting down the malicious sites the ads link to, but added that users should be mindful of what they’re clicking on. The company recommends users take multiple steps to remain safe online and protect their accounts. That includes opening the website by typing in the address in the address bar, rather than just searching for it and clicking on the first result.
Additionally, users should be careful with any communication (email, SMS) that claims to be coming from Kinsta. Finally, they should secure their WordPress accounts by generating a strong password, and enabling multi-factor (MFA) authentication.
Via BleepingComputer
More from TechRadar Pro
- Update WordPress now to fix this significant security flaw
- Here's a list of the best firewalls today
- These are the best website builders right now