Nigerian government site popped, used for phishing scam
I'm writing from the Financial Reporting Council of Nigeria, hosted on obsolete Joomla
Malfeasants have embedded a phishing scam inside the Financial Reporting Council of Nigeria's web site.
The Council is legit: it's Nigeria's accounting standards and corporate governance oversight organisation. That role, says Netcraft, doesn't make it a wizard at information security, because someone's found their way into an images directory on the Council's web site and planted a phish there.
The scam asks for users' email address and password, and the phone number used as backup login creds for Gmail. As Netcraft points out, the scam's a little unusual because most phishes go straight for bank account details. This effort looks like an attempt to cash in on those who use one password on multiple sites.
Planting the scam on the Council's site appears to have been possible because it runs version 2.5.28 of the Joomla content management system. That code went end of life in 2014 and is therefore unsupported.
As ever, caution is advised when in receipt of emails suggesting Nigerian transactions of any sort. ®