Tagged: Cloud Wordpress, Troubleshooting
-
AuthorPosts
-
January 4, 2023 at 2:34 pm #74905Telefónica EspañaGuest
Telefónica Cybersecurity & Cloud Tech manages all issues related to cybersecurity incidents and fraudulent actions against [—-Nombre Cliente—-].
We have detected a Phishing incident against Agencia Tributaria de España (Spain’s Tax agency), on a website which has been apparently created and published using your services , from the following URL:
https://demo2.cloudwp.dev/trial-676ttzzv/wp-content/themes/twentytwentyone/hui/
THIS ATTACK MIGHT ONLY BE SEEN FROM MOBILE DEVICES IN SPAIN.
EVIDENCE: https://ibb.co/hDdqV5Twith this IP: 151.139.128.10 related to your network.
This fraudulent content represents a misuse of the intellectual property of Agencia Tributaria de España, and it is being used to obtain personal and confidential information of users, get unauthorized access to their accounts and misuse their financial and/or corporate data (credit cards, email accounts, etc.)
We need your collaboration to stop this fraud by removing the fraudulent file(s), and if possible sending those to us, so we can analyze them and help other victims of this kind of incidents. If you need more information regarding this incident, please contact our SOC 24/7 at +34 900 102 230 (option 7) or by replying to this email ( servicio.antifraude@telefonica.com).
Thank you very much for your attention. Looking forward to your reply.
January 4, 2023 at 2:37 pm #74932Brandon CKeymasterHi Telefónica España,
I’m sorry to hear you’re dealing with this issue. I’ve relayed this over to our BoldGrid Cloud WordPress developers and they are looking into the matter.
If you experience an event like this in the future you can report it directly to our BoldGrid abuse hotline. I will definitely reach back out to you with any updates.
I hope this helps!
January 4, 2023 at 2:55 pm #74939Brandon CKeymasterHi Telefónica España,
I recieved WordPress from our devs that they’re removing those phishing accounts. If you see this again be sure to report it to the abuse hotline immediately.
-
AuthorPosts
- The topic ‘Phishing incident in cloudwp.dev’ is closed to new replies.