The Hacker News reported on 28 April 2025 that "Wordpress CMS WooCommerce extension users have been targeted by a fake patch phishing campaign deploying site backdoors".
Joomla! CMS users should also be vigilant to avoid falling prey to similar such attacks.
Hacker News state that targeted websites are urged to visit the phishing campaign's website, which uses an "IDN homograph attack" to disguise itself as the official WooCommerce website.
Wikipedia dscribes it as "a method used by malicious parties to deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike."
Targeted users receive an email urging them to click on a link to download and install the supposed security fix.
Result: they are then redirected to a spoofed WooCommerce Marketplace web page hosted on the domain "woocommėrce[.]com" (note the use of "ė" in place of "e").
Read more: Phishing attack targeting Wordpress CMS users
What can you you do to protect your Joomla! CMS?
Avoid thoughtlessly clicking links and loading external images when you receive any emails.
If you doubt the authenticity of an email and action is required (example domain a patch) then visit the Client Area of the developer's website rather than click an embedded link.
Better still, only update your website's extensions from within the website Dashboard.
About The Hacker News
"The Hacker News (THN) stands as a top and reliable source for the latest updates in cybersecurity. As an independent outlet, we offer balanced and thorough insights into the cybersecurity sector, trusted by professionals and enthusiasts alike."
Subscribe to The Hacker News newsletter when you visit the following link.
And keep up to speed with the latest security threats affecting your Operating System, Web Browser and Website.
Read more: About 'The Hacker News' Media
More about WYNCHCO Solutions
We offer Joomla! CMS website coaching design and support services to business, academy school, public and third sector organisations which subscribe to WYNCHCO Joomla! CMS Support.
We support organisations in Cheshire, Manchester, Merseyside, and the North West region from our office in Warrington. If you are based in the UK but outside the North West, we can still help.
Our Mission is to put you in control of your website.
We enjoy keeping up-to-date with the latest Joomla! developments, trends and best practices and sharing our expertise with you to help you optimise how you use your Joomla! CMS website.
We work hard to develop and maintain long-lasting customer relationships.
We aim to deliver excellent support to our customers at all times.
We pride ourselves on building long-standing close-working relationships with our customers.
Key words
- Collaboration.
- Flexibility.
- Shared Purpose.
- Trust.
Our commitment
To provide you with:
- accurate and up-to-date product information,
- helpful solutions to support requests,
- transparent invoicing,
- SSL encryption when you visit our website.
To monitor our services to ensure optimal performance.
To safeguard your personal data.
To resolve your concerns promptly and professionally.
To pay our suppliers promptly and in return ask that our customers do the same.