Magento phishing mails
Be aware of Magento phishing mails! There is an ongoing phishing mail attack running, mentioning a new Magento patch and providing a link to download a file. Do not click on this link, delete this mail immediately.
Magento phishing mails
Magento never sends mail with download links for patches. Many Magento shop owners and developers got a mail these days with following text:
Recently a vulnerability in Magento was discovered that allows attackers to gain unauthorized access to your webshop. This unfortunately also means attackers can thereby access all information in your webshop including your customer database and the backoffice.
List of vulnerable systems
The vulnerability is found in all Magento versions. Both users of Magento Community and Magento Enterprise are urged to update their webshop as soon as possible.
How to install the update
The vulnerability is resolved by applying patch SUPEE-5344. In order to activate the update you will have to install the patch and flush the cache.
Click the link bellow to update.
https://update.magento.center/admin/?e=…
I changed given param of that link included to … so that you do not click or test this link. Previous, I warned about update.magento.center delivering malware. Now it is obvious how. There is a phishing mail campaign going on.
Obvious reasons not to click this link
For a up to date developer, it is clear, that this mail is nonsense. It mentions a SUPEE-5344 patch. Last patch was SUPEE-10975 so if there is a newer one, it would have a higher number. Magento patches are only available at the official Magento website. There is absolutely no need to click links in mails.
Phishing mail detection
For every mail check twice if sender is possible (never trust gmail addresses that are sending mails for trusted brands like Magento!) and also check if domain is reasonable. update.magento.center looks familiar, because it has Magento in its name. The truth is, that magento.com is the only true domain name and you will only find security patches on this site.
Conclusion
Magento phishing mails are a new kind of attack against Magento shops and online shopping users. It looks as if Magento as a system is too complicated to hack, so hacker are trying different ways to steal credit card numbers or other relevant information.