Operators of a phishing campaign targeting the construction and energy sectors exposed credentials stolen in attacks that were publicly viewable with a simple Google search.
On Thursday, Check Point Research published a blog post describing the campaign, in which stolen information was dumped on compromised WordPress domains.
The recent phishing attack began with one of several fraudulent email templates and would mimic Xerox/Xeros scan notifications including a target company employee’s name or title in the subject line.