Credential stuffing is when known passwords and usernames are used to try to take over online accounts. Recently an organization had almost 200,000 customer accounts compromised like this.
Learn more about it and what to do to protect yourself.
Author: Erich Kron
Have you ever wondered what happens when you click on a link from one of thos Amazon text messages that say your account is suspended? Here I run through one of those so you understand what they are doing.
TLDR; They capture anything you put in the form, login info, social security number, credit card, whatever.
Do not try this at home – This was done from a secure computer that is resistant to viruses. Some of these links CAN try to infect your computer or phone.
I was fortunate to to be quoted in this article about the Phishing as a Service group ‘Robin Banks’. Check it out
I was quoted in this article. It’s always awesome to get quoted. 🙂
https://www.infosecurity-magazine.com/news/microsoft-phishing-campaign-mfa/
I was quoted in good ‘ol ‘El Reg today. It’s cool to see myself quoted on a page I read every morning as I started the day.
This big phish can swim around MFA, says Microsoft Security
Categories
Large-Scale Phishing Campaign Bypasses MFA
I was quoted here about this MFA bypass technique
Categories
I Was Quoted in Dark Reading
It’s always cool to be quoted. This time it was about Microsoft 365 users and how they are being targeted by voicemail-themed phishing attacks.
https://www.darkreading.com/remote-workforce/microsoft-office-365-users-raging-spate-attacks
Here is another publication that picked up my quote about Microsoft 365 credential phishing via phishes that appear to be realted to voicemails.
https://www.techrepublic.com/article/targeted-voicemail-phishing-attacks/
Here is a link to the podcast I did with Patrick Laverty for the Layer 8 Podcast. Patrick also runs the annual Layer 8 Conference, which is focused on OSINT and social engineering. It’s a great conference that won’t break the bank. After listening to the podcast, check out the conference.
