cPanel CMS Connected to Phishing Attacks

Bank fraud phishing attacks are now targeting the web hosting control panel, cPanel

Considerably lucrative yet surprisingly low in victim numbers, bank fraud phishing attacks have been on the rise as of late. Earlier this year, the leading news regarding these malicious attacks concentrated on the injection code and iframe methods. These types of attacks mainly targeted Javascript coding and advertising banners. Now it seems not even control panels are immune from being used to defraud banking institutions.

cPanel, an extremely popular CMS (Content Management System) used by many web hosting companies, is the latest to fall victim to nefarious security breaches. E-mails are being sent directly to web site owners requesting confirmation of their log-in credentials. Once this information is offered, the phishing criminals proceed to upload extremely convincing bank web sites with the sole purpose of stealing money.

According to Trusteer, a leading provider of secure browsing services, the e-mails sent provide what appears to be a valid URL in type but upon clicking on this link a decidedly different URL is loaded. Many users are not checking the actual visited URL and willingly provide their log-in information. This information is sent to the criminals who then log in and upload the bank phishing web pages. Spam e-mails are then sent out to other unknowing web users directing them to the fraudulent banking pages.

Typically, less than one percent of those who receive the e-mails to the fraudulent banking web sites fall victim to the theft. However, the total amount of cash hauled in with each victim runs around $2,000. Estimates put the total cash pull as between $2.4 million and $9.4 million each year.

The bank customer is not the only one who loses in these schemes. The resulting damage to the web site owner includes severe downtime due to requested removal by the attacked banking institution, downtime to remove the phishing web pages, and even blacklisting by phishing filters; all of which can equate to a loss of customers.

The overall recommendation by Trusteer and many security-minded companies is to never click on links provided in e-mail correspondence. If there is ever a question regarding one’s control panel or FTP information and it needs to be checked, manually typing in a trusted URL into the browser bar is the best route to take. In the end, a few basic precautions can save web site owners from weeks, possibly even months, of damage control.