A new phishing campaign is designed to steal FTP credentials from website owners so the fraudsters can set up fake bank websites, a security firm warned Monday. The messages appear to come from web hosting providers, such as Yahoo, according to researchers at Trusteer.
The emails target owners of sites that use cPanel, which offers these hosting providers backend automation software to build assets, such as email accounts and databases. cPanel also oversees FTP account control.

The phishers request the FTP credentials of the recipient, according to the Trusteer report.

"Due to the system maintenance, we kindly ask you to take a few minutes to confirm your FTP details," one message reads. "Please confirm your FTP details by using the link below."

The link for this article located at SC Magazine is no longer available.