Is That Really ProtonMail? New Credential Harvesting Threats Targeting Cloud Apps

Victor M

Level 26
Thread author
Verified
Top Poster
Well-known
Oct 3, 2022
1,557
5,848
2,469
Imagine sipping your morning coffee, scrolling through your inbox, when a seemingly innocent ProtonMail message catches your eye. But this isn’t your typical email—it’s a credential-harvesting attempt targeting specific cloud services.

Today, cybercriminals are not just focusing on well-known platforms like DocuSign and Microsoft. They’re expanding their reach, exploiting a variety of cloud apps such as Gravatar by impersonating brands like ProtonMail, telecom giants like AT&T & Comcast Infinity, and regional Canadian ISPs like Kojeko and Eastlink.

 

You may also like...