Security News > 2020 > May > Phishing attack impersonates Amazon Web Services to steal user credentials
The emails spoof an automated notification from AWS to try to capture Amazon account credentials, according to Abnormal Security.
A blog post published Wednesday by security provider Abnormal Security describes how phishing attacks are taking advantage of Amazon Web Services to steal user credentials.
In this new phishing campaign, the attackers deploy an email that contains an automated notification allegedly from Amazon Web Services.
All the payload links take the user to AWS credential phishing websites.
Each of the phishing emails discovered have come from the same IP address hosted by a French VPN. "Employee credentials that can get to their cloud accounts are an easy way to get to the prized possessions of an organization," said CloudKnox Security CEO Balaji Parimi.
News URL
Related news
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)
- Australian pension funds hit by wave of credential stuffing attacks (source)
- Phishing kits now vet victims in real-time before stealing credentials (source)
- iOS devices face twice the phishing attacks of Android (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Phishing detection is broken: Why most attacks feel like a zero day (source)
- DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack (source)