Security News > 2020 > May > Phishing attack impersonates Amazon Web Services to steal user credentials
The emails spoof an automated notification from AWS to try to capture Amazon account credentials, according to Abnormal Security.
A blog post published Wednesday by security provider Abnormal Security describes how phishing attacks are taking advantage of Amazon Web Services to steal user credentials.
In this new phishing campaign, the attackers deploy an email that contains an automated notification allegedly from Amazon Web Services.
All the payload links take the user to AWS credential phishing websites.
Each of the phishing emails discovered have come from the same IP address hosted by a French VPN. "Employee credentials that can get to their cloud accounts are an easy way to get to the prized possessions of an organization," said CloudKnox Security CEO Balaji Parimi.
News URL
Related news
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- GoIssue phishing tool targets GitHub developer credentials (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (source)