Security News > 2020 > May > Phishing attack impersonates Amazon Web Services to steal user credentials
The emails spoof an automated notification from AWS to try to capture Amazon account credentials, according to Abnormal Security.
A blog post published Wednesday by security provider Abnormal Security describes how phishing attacks are taking advantage of Amazon Web Services to steal user credentials.
In this new phishing campaign, the attackers deploy an email that contains an automated notification allegedly from Amazon Web Services.
All the payload links take the user to AWS credential phishing websites.
Each of the phishing emails discovered have come from the same IP address hosted by a French VPN. "Employee credentials that can get to their cloud accounts are an easy way to get to the prized possessions of an organization," said CloudKnox Security CEO Balaji Parimi.
News URL
Related news
- whoAMI attacks give hackers code execution on Amazon EC2 instances (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- How New AI Agents Will Transform Credential Stuffing Attacks (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)