A Nigerian government website was compromised by attackers to host a phishing page to steal DHL users' credentials. According to MalwareHunterTeam who discovered this phishing instance on the site of Nigerian National Assembly (NASS), the fraudulent page was operating for more than two weeks.
With Nigeria having a maligned history with online frauds, the latest incident indicates that even government sites are not spared.
Why it matters?
BleepingComputer, which reported on this DHL phishing scam, suggested that user credentials might be up for sale in the dark web. “No matter how many times credentials are submitted, there's the same outcome. Once they get them, cybercriminals can sell them on underground forums for as little as $10 apiece,” it reported.
On the other hand, malicious sites posing as NASS are also believed to provide grounds for other malicious activities apart from phishing.