Trusteer, a known security vendor, revealed that they have discovered a Phishing scam that targets cPanel dedicated linux servers users. According to reports, the scam claims to be affiliated with search giant Yahoo that’s seeking for FTP data. However, when the email starts with Yahoo, it immediately expands to other unidentifiable services.

cPanel is defined as a backend administration service that allows a website owner to manage and control FTP access, Email access, SQL administration, and others. Users get to see cPanel together with WHM which is an administration service that provides access to server controls which covers removing or adding online sites, server restarts and DNS management among others.

Most of the dedicated server or hosting companies offer the cPanel service which provides malicious individuals the opportunity to get sensitive information.

The scam involves getting a Phishing emails that ask Yahoo users to take a few moments to confirm FTP details due to maintenance. Once the user clicks on the link on the email then a form will be generated to confirm the login and passwords.

Trusteer CTO Amit Klein said that this may be trivial for owners of smaller sites but if bigger sites avail of this, there’s a possibility that a bigger damage will be made.

Klein said that once crucial information has been acquired, then criminals can easily get funds from business and consumer accounts without the victims knowing it.

This entry was posted on Wednesday, December 16th, 2009 at 5:28 am and is filed under School of Technology, Web Info. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.