Highlights: Check Point Research (CPR) detected an ongoing phishing campaign that uses legitimate services for credential harvesting and data exfiltration in order to evade detection. HTML files are one of the most common attack vectors and are used by attackers for phishing, and other scams Check Point Software’s customers remain protected against this attack Introduction According to Check Point Harmony Email Researchers, credential harvesting has continually been the top attack vector, with 59% of attacks reported. It also plays a major role in ‘Business Email Compromise (BEC), ranging to 15% of attacks made. In order to steal and harvest the […]
The post ‘Sign in to continue’ and suffer : Attackers abusing legitimate services for credential theft appeared first on Check Point Blog.
Read the original article: