Phishing attack targeting Wordpress CMS users is a timely reminder for Joomlers

28 April 2025.

Phishing attack targeting Wordpress CMS website owners is a timely reminder for Joomlers.

The Hacker News reports that "Wordpress CMS WooCommerce extension users have been targeted by a fake patch phishing campaign deploying site backdoors".

Joomla! CMS users should also be vigilant to avoid falling prey to similar such attacks.

Hacker News state that targeted websites are urged to visit the phishing campaign's website, which uses an "IDN homograph attack" to disguise itself as the official WooCommerce website.

Targeted users receive an email urging them to click on a link to download and install the supposed security fix.

Result: they are then redirected to a spoofed WooCommerce Marketplace web page hosted on the domain "woocommėrce[.]com" (note the use of "ė" in place of "e").

Read more: Phishing attack targeting Wordpress CMS users.

What can you you do to protect your Joomla! CMS?

Avoid thoughtlessly clicking links and loading external images when you receive any emails.

If you doubt the authenticity of an email and action is required (example domain a patch) then visit the Client Area of the developer's website rather than click an embedded link.

Better still, only update your website's extensions from within the website Dashboard.

About The Hacker News

"The Hacker News (THN) stands as a top and reliable source for the latest updates in cybersecurity. As an independent outlet, we offer balanced and thorough insights into the cybersecurity sector, trusted by professionals and enthusiasts alike."

Subscribe to The Hacker News newsletter when you visit the following link.

And keep up to speed with the latest security threats affecting your Operating System, Web Browser and Website.

Read more: About 'The Hacker News' Media.