Learn about Credential Theft and protect your organization with resources from Cofense
What is credential theft?
Credential theft is when threat actors steal credentials to gain access, bypass an organization’s security measures, and steal sensitive data. Once access is gained to an internal account, they can launch more widespread and malicious attacks across an organization’s network. Phishing is the most common form of entry because it is inexpensive and efficient. Security awareness training is critical to train employees to identify and report these attacks before your organization’s finances and reputation are at risk.
- Credentials are highly valuable. They provide adversaries access to sensitive accounts and information without setting off security alarms.
- Credential phishing pages are inexpensive to host and attackers can easily change the infrastructure of these malicious webpages.
- Credential phishing attacks leave few indicators of compromise (IOCs), making breach investigations difficult.
- Threat actors abuse trusted collaboration sites and cloud providers including Microsoft, Google, Adobe, and DropBox to deliver credential phishing attacks and malware.
The Cofense PDC found 67% of phishing emails are designed to steal user credentials
Over the past year, Cofense saw a 150% increase in the use of HTML attachments in credential phishing attacks
Of the credential phishing attacks Cofense observed, 52% were branded as Microsoft