Phishing Campaign via Google Ads Targets ManageWP Users

Listen to this Post

A recent phishing campaign using Google Ads is targeting users of ManageWP, LLC. The attackers are employing two malicious domains:

  • menagewp[.]com (ad URL and redirect)
  • orion[.]manaqewp[.]com (phishing page)

The phishing domain closely mimics the legitimate orion.managewp.com, with the letter ‘g’ replaced by ‘q’. Threat actors harvesting ManageWP credentials could compromise WordPress websites for malicious purposes.

You Should Know:

1. Detecting Phishing Attempts

  • Check URLs Carefully: Always inspect the domain name for subtle typos (e.g., `manaqewp` vs. managewp).
  • Use WHOIS Lookup: Verify domain registration details:
    whois manaqewp.com 
    
  • Browser Extensions: Install PhishFort or Netcraft Extension to detect phishing sites.

2. Securing ManageWP & WordPress