More than a thousand stolen usernames and passwords have appeared on the Web following an error by fraudsters. Experts at Check Point Software Technologies spotted the leak.
Cybercriminals have accidentally posted more than 1,000 stolen IDs and passwords to the Internet, experts from Check Point Software Technologies have said.
According to them, hackers sent phishing emails disguised as Xerox scan notifications last August, each containing a malicious attachment that bypassed Microsoft Office 365’s security filters. On opening it, the user was directed to a phishing site disguised as the homepage of a popular company, in this case Xerox.
“The email addresses and passwords company employees entered on the phishing site were sent to hacked servers as text files. Google, which constantly indexes web pages, automatically included files containing stolen data in search results, making them accessible to any user who enters an appropriate query,” explain experts at Check Point Software Technologies.
An operation that went wrong
Thus, the cybercriminals gained access to more than a thousand records from employees of companies around the world. However, the fraudsters did not consider one thing: if they can find these pages themselves on the Internet, then Google can too.
“It is a real failure of the operation in terms of security,” said analyst and chief expert Lotem Finkelstein.
The construction and electricity sectors were the most affected by the phishing campaign, experts concluded.