An interesting new phishing attempt that I haven’t seen before.
An email received (blocked by my spam filter, but I grabbed from quarantine because it looked so unusual)
The link in the email goes to http://eco-chem.org/wp-content/wordpress.html and is forwarded to http://www.dellhouse.co.uk/wp-content/update/security/wordpress/database/login/website/index.html Both obviously hacked insecure sites. Now this looks like the start of a campaign and attempts to trick you into providing your WordPress site details and log in credentials so they can use that site to continue spreading their malware & spam. I expect we will see more of this with many different sites
This is the first page you are presented with which looks like a genuine Word press log in page
then after pressing log in, you get:
Then pressing update gets you to:
where pressing continue gets you to the genuine http://en.support.wordpress.com/upgrades/ site
Obviously you should NOT fill in any log in details on such sites and definitely never give anyone your credentials