Blog | G5 Cyber Security

Tricky Phish Angles for Persistence, Not Passwords Krebs on Security

A new phishing tactic allows the attacker to gain full access to a users data stored in the cloud without actually stealing the account password. The attack is not exactly new: In 2017, for instance, phishers used a similar technique to plunder accounts at Google’s Gmail service. The resulting compromise is quite persistent and sidesteps two-factor authentication, and it seems likely we will see this approach exploited more frequently in the future. The most recent versions of this stealthy phish targeted corporate users of Microsoft’s Office 365 service, the same approach could be leveraged to ensnare users of many other cloud providers.”]

Source: https://krebsonsecurity.com/2020/01/tricky-phish-angles-for-persistence-not-passwords/

Exit mobile version