Cybercriminals are attacking bloggers who use Google’s Blogger.com. We have received emails intended for bloggers to update their account. Here’s the snapshot email of the email we have received:

The email contains link that will redirect to fake login page of the “Blogger.com”. As seen from the highlighted link, it has a root domain “*.erdca.kr” which is differ from the authentic root domain of blogger.com. The fake login page which is known as phishing site appears to be like this:

Upon entering the bloggers credentials and clicking “Sign in” button on the phishing site above, it will redirect to this page saying the account is updated:

Blogger’s credentials will be secretly sent to the phishers site.

The stolen blog may be:

  • sold for profit due to its readiness to earn income through advertising etc.
  • modified and put phishers advertisements for another potential income.

Be extra careful when logging in your credentials in the internet. Always double check the root domain of the site before you log-on. This will give you an idea if it’s Fake or Authentic site.