Phishers are targeting AWS accounts holders with fake email security alerts and redirecting them to a high-fidelity clone of the AWS Management Console sign-in page, Datadog researchers have warned. The cloned AWS phishing page (Source: Datadog Security Labs) The campaign has been running since the end of February and possibly earlier. “In one observed case, the operator authenticated to a compromised AWS account within 20 minutes of credential submission,” the researchers noted. Fake AWS security … More
The post Attackers use AiTM phishing kit, typosquatted domains to hijack AWS accounts appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: