User credentials stolen by AWS phishing scam via fake notification

Millions of customers around the globe are at risk due to the new phishing scam.

Hackers are using phishing scams in a consistent and repeated way to trap various users and fulfill their malicious intentions. A recent news of hackers circulating AWS fake notification to steal user credentials was surfaced in which hackers are trying to target various users around the globe.

The hackers are circulating emails which have a similar editing as the AWS official login page. This fake login page requests the login credentials of the user. A recent research on this matter has released that the email originated from a France-based VPN.

Every payload link that’s part of this campaign leads to AWS credential-stealing websites. If the credentials are entered, the attackers will gain access to the user’s AWS account and sensitive data will be exposed.

AWS has several clients which are huge organizations that deal with a lot of sensitive data. Loosing such data can cost a huge dent in the security and economy of the organization. Such phishing scams pose a severe threat to the security and can cause a lot of menace.

Use NPAV and join us on a mission to secure the cyber world.