Secure DNS Scam (DNSSEC) Targets WordPress Bloggers

According to Sophos cybersecurity researchers, a new scam targeted at WordPress bloggers is currently circling the web. Over the weekend, the researchers received a well-crafted scam message that looked more convincing than many other scams out there.

DNS Scam Targeting WordPress Bloggers

The message pretended to come from WordPress itself, claiming that DNS security features would soon be added for their domain.

Here’s an excerpt from the fake email message that Sophos received:

From: WordPress
Subject: nakedsecurity.sophos.com DNS Update
We’re upgrading your domain DNS for something even better, freely!
We care about your privacy and the protection of your domains, so we will soon be upgrading them, from basic Domain Name System (DNS) to Domain Name System Security Extensions (DNSSEC).

And here’s an actual screenshot of the scam message’s contents:

Image Source: Sophos

Most users today are aware that DNS stands from domain name system, the globally distributed databases that turns server names into network numbers. In fact, as pointed out by the security experts, DNSSEC which is mentioned in the message (see above) does exist. It is a protocol that adds authentication to DNS data transfers with the idea to prevent cybercriminals from filling the DNS database with fake entries that hijack web traffic.


Also Read DNS Propagation – What Is It and How It Works


DNSSEC means domain name system security extensions, and it has been available for more than 20 years. However, since DNSSEC is usually a feature used by service providers to help sustain their own DNS databases, most bloggers and website owners most likely have never set it up by themselves. This means that receiving this message could most likely trick bloggers into believing its authentic, which could lead recipients into revealing sensitive information, which is what usually scammers are after.

Any data you enter here goes straight to the crooks, and if you don’t have two-factor authentication enabled on your account, the crooks may very well be able to log on to your website or blog right away and take it over completely, Sophos warns.

What can WordPress bloggers like you do to protect themselves?

Here are a couple of simple but useful tips:

  • Don’t reveal your login credentials via links you received in unexpected emails. Usually, most companies and services don’t support this practice, and would find a more appropriate way to inform you about any changes that concern you.
  • Use two-factor authentication to increase your account’s security.

Follow us for more useful WordPress and web hosting news.

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.