- Posts
This is Jaime Torres from Hispasec Sistemas, an international IT security company.
I’m contacting you because we have detected a phishing hosted on your servers.
IP address: 151.139.128.10
URLs:
* hxxps://demo3[.]cloudwp[.]dev/trial-t76xyut8/wp-content/plugins/sa/The fraudulent page is trying to simulate an official banking website in order to steal passwords of online banking users.
Proof of fraudulent activities:
* https://www.virustotal.com/gui/url/58809f3ca18cee676de6492c358a41c01077d45b9d9390ea68324b3970cb4ae3The official site(s) is(are):
* caixabank.esPlease, remove the fraudulent content as soon as possible. Thank you in advance.
Hi Hispasec Sistemas,
We’re sorry to hear you’re dealing with this issue for our Cloud-Wp Services. We have an abuse hotline that you can reach out to report this concern and have it eradicated.
Please let us know if you have any trouble with the Abuse Hotline form.
After completing the inquiry we will reach back out to you directly with any updates. I hope this helps, please let us know if you have any other questions for us.
Thank you
Hi Brandon.
We’ve already tried to send a report through the form you provided but it won’t let us send it.
Best regards,
Nicolás.
- The topic ‘Phishing Incident on Cloud WP servers ( 151.139.128.10 – demo3.cloudwp.dev )’ is closed to new replies.
