This phishing scam left thousands of stolen passwords exposed through Google search » Scammer News
Operators of a phishing campaign targeting the construction and energy sectors left the credentials stolen in their attacks publicly viewable through a simple Google search.
On Thursday, Check Point Research in partnership with Otorio published a blog post describing the campaign, in which stolen information was dumped on compromised WordPress domains.
The recent phishing attack began with one of several fraudulent email templates that mimicked Xerox/Xeros scan notifications and included a target company employee’s name or title in the subject line.
Phishing messages originated from a Linux server hosted on Microsoft Azure and were sent through PHP Mailer and 1&1 email servers. Spam was also sent through previously compromised email accounts, so that messages appeared to come from legitimate sources.
Attackers behind the…