Hackers are targeting top executives to steal their work logins

Attackers are phishing for your credentials

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Analysts at cybersecurity firmProofpointhave claimed high-level execs at some of the world’s leading companies are repeatedly targeted with credential-stealing attacks.

More alarmingly, according to the figures, around one-third (35%) of the compromised users observed over the past year had multi-factor authentication (MFA) enabled.

The attacks come amid a rise in cases of EvilProxy, a phishing tool based on a reverse proxy architecture, which Proofpoint says allows attackers to steal even MFA-protected credentials.

Account passwords are highly sought-after

Threat actors are now increasingly using Adversary-in-the-Middle (AitM) phishing kits (including the above-mentioned EvilProxy) to steal credentials and session cookies in real time.

These are the best identity theft protection>Beware - that email from HR could well be a phishing scam>Watch out - that unexpected Microsoft alert could well be a phishing attack

The scale of the problem is only clear when Phishing-as-a-Service (PaaS) is unpacked. PaaS allows even technically challenged attackers to take part in credential-stealing activities.

In the three months leading up to June 2023, Proofpoint observed around 120,000 EvilProxy phishing emails being sent to hundreds of targeted organizations globally, with many targetingMicrosoft365 user accounts in particular.

Fortunately, an overview of the attacks has enabled Proofpoint to pinpoint some of the most common tactics when it comes to phishing attacks, including brand impersonation and cybersecurity scan blocking.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Another telltale sign of an attack could be that the attacker leads a victim down a multi-step path, via legitimate redirectors likeYouTube, to the point where malicious cookies and 404 redirects execute an attack.

The firm recommends effective email monitoring with a strong business email compromise (BEC) prevention solution as well as other cloud and web security products. Regular cybersecurity training for staff is also an effective way to prevent mistakes by would-be victims, while those looking to take security even further can employ passwordless passkey authentication for eligible accounts.

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

Adobe’s decision to eliminate perpetual licensing for its Elements software has stirred controversy among consumers

VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats

This can’t get any better for Black Friday – LG’s B4 OLED TV drops to just $649.99