- PyPI warns that phishing attacks will persist, using fake domains and urgent messaging tactics
- Victims are directed to "verify" their accounts via typosquatted sites such as pypi-mirror.org
- Users and maintainers are asked to adopt phishing-resistant 2FA and domain-aware password managers
Phishing attacks against PyPI's users and maintainers will continue, the foundation has warned, as it urged members to tighten up their security and remain vigilant.
A new blog post by the Python Software Foundation's developer in residence, Seth Larson, notes that the most recent attacks are a continuation of a months-long campaign that uses convincing emails and typosquatted domains to steal people's credentials.
“Unfortunately, the series of phishing attacks using domain confusion and legitimate emails continues,” wrote Larson. “This is the same attack that PyPI saw a few months ago and which has targeted many other open source repositories, but with a different domain name. Judging by this pattern, we think that this type of campaign will continue with new domains in the future.”
How to stay safe
In the emails, victims are asked to “verify” their email addresses for “account maintenance and security procedures” and are threatened with account closure if they do not comply.
This sense of urgency and threat is typical of a phishing email; the link redirects victims to pypi-mirror.org, a domain that belongs to neither PyPI nor the Python Software Foundation.
“If you have already clicked on the link and provided your credentials, we recommend that you immediately change your password on PyPI,” warned Larson. “Inspect your account's security history for anything unexpected. Report suspicious activity, such as potential phishing campaigns against PyPI, to [email protected].”
Phishing is both extremely difficult and extremely easy to defend against. In theory, common sense and a moment's thought before clicking should be enough in most cases. But for the moments when attention slips, users are advised to use phishing-resistant 2FA such as hardware tokens.
Maintainers, for their part, should use a password manager that autofills based on the domain name. If autofill does not work when it usually does, that is a huge red flag. Phishing-resistant 2FA is also recommended.
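The domain-bound autofill check described above, as an added example in Python (not code from PyPI, the PSF, or the article): it models how a password manager decides whether a page's host matches a stored credential, and flags lookalikes such as the pypi-mirror.org domain named in the article. The allowlist, brand token and edit-distance threshold are assumptions for this illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist of hosts where PyPI credentials legitimately belong
# (assumption for this example; extend it with your own trusted hosts).
LEGIT_HOSTS = {"pypi.org", "test.pypi.org"}
BRAND = "pypi"            # brand token a lookalike domain will try to borrow
MAX_EDITS = 2             # edit distance at which a host counts as a near-match


def host_of(url: str) -> str:
    """Return the lowercase hostname of an http(s) URL, or '' if unusable."""
    parts = urlsplit(url.strip())
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return ""
    return parts.hostname.lower().rstrip(".")


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance; small values between hosts signal typosquatting."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str) -> str:
    """
    Decide as a domain-bound password manager would:
      'legit'     - exact allowlisted host or a subdomain of one: autofill
      'lookalike' - untrusted host that borrows the brand or is a near-match
      'unrelated' - anything else (no credentials to offer)
    """
    host = host_of(url)
    if not host:
        return "unrelated"
    if host in LEGIT_HOSTS or any(host.endswith("." + h) for h in LEGIT_HOSTS):
        return "legit"
    # Compare the registrable part (last two labels) so deep subdomains
    # such as pypi.org.evil.example do not slip past the distance check.
    registrable = ".".join(host.split(".")[-2:])
    if BRAND in host or any(levenshtein(registrable, h) <= MAX_EDITS for h in LEGIT_HOSTS):
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    for u in ("https://pypi.org/manage/account/", "https://pypi-mirror.org/login",
              "https://pypl.org/", "https://example.com/"):
        print(f"{u:40} -> {classify(u)}")
```

A real password manager makes the 'legit' decision from the stored credential's origin; the 'lookalike' verdict here is the extra signal a mail gateway or browser extension could raise when a link carries the brand name on an untrusted domain.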
Via The register