One of the most common methods cybercriminals use to deliver phishing and malware to unsuspecting users is compromising legitimate websites, such as those hosted on WordPress, to house their own malicious content for free.
The URLs of compromised sites used for phishing attacks reach users through spam emails, allowing security professionals to keep track of their volume. In 2016, according to an Anti-Phishing Working Group (APWG) report, phishing attack campaigns shattered all previous years’ records, which the firm began monitoring in 2004.
