14 DAY TRIAL // Cybercriminals have hacked the official UGG blog (blog.uggaustralia.com) and they’re using it to host a malicious file that’s part of an HSBC phishing scam designed to harvest the personal and financial details of unsuspecting internauts.
Netcraft experts report that the attack starts with an email which comes with an HTML file attached to it. When executed, the HTML file opens a webpage that replicates the official HSBC website.
Here, victims are asked to hand over their information. The submitted data is harvested by a PHP script stored in the UGG blog’s stylesheet directory.
In the final phase, victims are redirected to the legitimate HSBC website to make everything more legitimate-looking.
It’s worth noting that the UGG blog, hosted by Media Temple, is powered by WordPress, which means there might be a connection between this scheme and the recent brute-force attacks utilized to hijack WordPress websites.
In case you’re a victim of these schemes, contact HSBC immediately.