Credential Harvesting
Credential harvesting is not a new attack type, but it has evolved to accommodate cloud networks. One of the most common ways to carry it out is to send phishing emails that direct users to a fake website. The fake website is made to impersonate a legitimate cloud service such as Gmail, Office 365 or others. Many cloud services use SSO or federated authentication, and users may also be allowed to log in using Facebook, Google or Apple credentials. Spear phishing campaigns can be used to direct users to websites impersonating these social media sites to harvest credentials.
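From the defender's side, a mail filter can flag links whose hostname mentions one of the services named above but does not belong to that service. The following is an added example, not part of the original page; the allow-list, keyword list, lookalike mapping and sample message are assumptions constructed for illustration, and the two-label domain split stands in for a proper Public Suffix List lookup.

```python
import re
from urllib.parse import urlsplit

# Assumed keyword -> legitimate registrable domains (illustrative, not exhaustive).
BRANDS = {
    "google": {"google.com", "gmail.com"},
    "gmail": {"google.com", "gmail.com"},
    "office": {"office.com", "microsoftonline.com", "microsoft.com"},
    "microsoft": {"office.com", "microsoftonline.com", "microsoft.com"},
    "facebook": {"facebook.com"},
    "apple": {"apple.com"},
}
ALL_LEGIT = set().union(*BRANDS.values())

URL_RE = re.compile(r"https?://[^\s\"'<>]+")
# Fold common digit-for-letter swaps before keyword matching (assumed mapping).
LOOKALIKES = str.maketrans("0135", "oles")


def registrable(host):
    """Naive registrable domain: the last two labels of the hostname."""
    return ".".join(host.split(".")[-2:])


def suspicious_links(body):
    """Return (url, brand) for links that name a brand on a foreign domain."""
    hits = []
    for url in URL_RE.findall(body):
        host = (urlsplit(url).hostname or "").lower()
        if registrable(host) in ALL_LEGIT:
            continue  # genuinely hosted by the service
        folded = host.translate(LOOKALIKES)
        # Only the hostname is checked; brand names in paths are ignored.
        brand = next((b for b in BRANDS if b in folded), None)
        if brand:
            hits.append((url, brand))
    return hits


# Constructed sample message body (reserved .example/.test names).
SAMPLE = """Your mailbox is full. Sign in to keep your mail:
https://accounts.google.com/signin
https://accounts.google.com.session-check.example/signin
https://login.micr0soft-office.example/auth
https://www.faceb00k.test/login
https://intranet.example/wiki
"""

if __name__ == "__main__":
    for url, brand in suspicious_links(SAMPLE):
        print(f"flag: {url} (mentions '{brand}')")
```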