Security News > 2020 > August > How phishing attacks have exploited Amazon Web Services accounts

How phishing attacks have exploited Amazon Web Services accounts
2020-08-25 18:45

A series of recent phishing attacks tried to take advantage of organizations that use Amazon Web Services.

In one phishing campaign reported to KnowBe4, the attackers created a basic, no-frills scam to harvest the credentials of AWS users.

After the landing page captured the AWS credentials of any unsuspecting victims, the process redirected them back to Amazon itself, as if to place them in safe hands.

Harvest sensitive data from the account to be exploited in still further attacks against customers, partners, or clients.

Use an organization's AWS account as a phishing platform, which could involve exploiting the account to distribute malware as well as host credentials-phishing pages or other files used in phishing attacks.


News URL

https://www.techrepublic.com/article/how-phishing-attacks-have-exploited-amazon-web-services-accounts/#ftag=RSS56d97e7

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Amazon 60 4 39 62 15 120