Credential phishing is an email-based attack that uses a malicious web form mimicking a legitimate login page to capture the victim’s credentials. Any web-based service can be targeted, including:
- Microsoft Outlook Web Access (OWA) and other corporate web-based email services
- Free webmail services (e.g., Gmail, Yahoo, Hotmail)
- Cloud-based sync and sharing services (e.g., Dropbox, Box)
- Online shopping (Apple ID, Amazon, etc.) and loyalty program logins
The credential phishing site is often a near-perfect copy of the targeted login page, so a quick visual scan by the victim raises no suspicion. The reliable indicator is the URL: the registrable domain will be under the attacker’s control rather than owned by the targeted organization. Attackers blunt this check with look-alike domains, by placing the expected hostname in a subdomain of a domain they own (for example, the real domain followed by further labels), or by putting the expected hostname before an @ sign so that the browser actually connects to what follows it. The host the browser really contacts is what must be compared against the expected domain. A valid TLS certificate does not establish legitimacy, since attackers can obtain certificates for domains they control.
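The URL check described above, as an added example that is not part of the original page: a small standard-library Python routine that extracts the host a browser would actually contact, reduces it to its registrable domain, and compares it against a constructed allowlist of domains expected to host login pages. The allowlist, the brand keywords derived from it, and the two-label approximation of the registrable domain are assumptions for this example (a production check would consult the public suffix list).

```python
"""Check whether the host in a URL really belongs to the site whose login
form it appears to present.  Added example; uses only the standard library."""
from urllib.parse import urlsplit
import ipaddress

# Constructed allowlist for this example (assumption): registrable domains
# that legitimately host login pages for this organization's users.
EXPECTED_DOMAINS = {"example.com", "office.com", "dropbox.com"}

# Brand keywords derived from the allowlist ("example", "office", "dropbox");
# seeing one of these outside its own registrable domain is a phishing tell.
BRAND_KEYWORDS = {d.split(".")[-2] for d in EXPECTED_DOMAINS}


def registrable_domain(host: str) -> str:
    """Approximate eTLD+1 as the last two labels of the host.

    Assumption: no public-suffix list is embedded here, so hosts under
    multi-label suffixes such as co.uk would need a real PSL lookup.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def is_ip_literal(host: str) -> bool:
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def analyze_login_url(url: str) -> dict:
    """Return the real host, its registrable domain, a verdict of
    'expected', 'suspicious' or 'unknown', and the reasons behind it."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()   # hostname drops userinfo and port
    reasons = []

    if parts.username is not None:
        # https://owa.example.com@attacker.test/ : everything before '@' is
        # userinfo, and the browser connects to attacker.test.
        reasons.append("userinfo before '@' disguises the real host")
    if host.startswith("xn--") or ".xn--" in host or not host.isascii():
        reasons.append("internationalized host; check for homoglyphs")
    if is_ip_literal(host):
        reasons.append("bare IP address instead of a domain")
    if parts.scheme != "https":
        reasons.append("login form not served over https")

    base = host if is_ip_literal(host) else registrable_domain(host)
    expected = base in EXPECTED_DOMAINS
    if not expected:
        # Brand name appears in the host or path, but the registrable domain
        # is not trusted: the owa.example.com.attacker.test pattern.
        haystack = host + parts.path.lower()
        used = sorted(k for k in BRAND_KEYWORDS if k in haystack)
        if used:
            reasons.append(f"brand name(s) {used} outside their registrable domain")

    if expected and not reasons:
        verdict = "expected"
    elif reasons:
        verdict = "suspicious"
    else:
        verdict = "unknown"
    return {"host": host, "registrable_domain": base,
            "verdict": verdict, "reasons": reasons}


if __name__ == "__main__":
    # Constructed sample URLs, not real phishing sites.
    for u in ("https://owa.example.com/owa/auth/logon.aspx",
              "https://owa.example.com.attacker.test/owa/",
              "https://owa.example.com@attacker.test/login",
              "http://192.0.2.10/owa/",
              "https://www.wikipedia.org/"):
        print(u, "->", analyze_login_url(u)["verdict"])
```

The verdict "unknown" is deliberate: a URL outside the allowlist is not evidence of phishing by itself, only a host that carries a trusted brand name without being under that brand's registrable domain, or that uses one of the URL tricks above, is flagged. Feeding every login URL seen in a proxy log through this routine and alerting on "suspicious" is a reasonable first detection.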
Credential phishing is one of the most successful social engineering techniques used against larger organizations.