News
Report: Man-in-the-Middle Phishing Grows, Using Real Login Process to StealCredentials
May 2023 by Cofense
Cofense will release a new report that dives deeper into the power of man-in-the-middle (MitM) attacks when combined with credential phishing. In this context, rather than setting up one fake login page, attackers lure victims to web servers which will broker the entire authentication process between the user and the actual destination.
If successful, threat actors can use the harvested usernames, passwords, and session cookies to gain access to a victim’s account and even bypass multi-factor authentication.
Based on a few tell-tale signs, Cofense Intelligence has identified notable trends, including:
• 35% increase in volume reaching inboxes between Q1 2022 and Q1 2023
• 94% of MitM credential phishing attacks reaching inboxes targeted O365 authentication
• 89% of campaigns used at least one URL redirect, and 55% used two or more
Let me know if you’re interested in taking an embargoed look at the report ahead of its release tomorrow, May 9. I’d also be happy to connect you with Joe Gallop, Intelligence Analysis Manager at Cofense, to walk you through the key findings of the report.
