A growing and popular phishing attack is one designed to steal credentials – mainly login data that can be used to gain access to applications, networks, and ultimately valuable data. Man-in-the-middle (MiTM) attack is an example of a popular method hackers use to obtain credentials. One of the reasons credential stealing is growing as a phishing threat is the fact that it targets and exposes the weakest link in the network security equation – human fallibility. Unlike malware or rogue software, credential stealing can bypass the traditional phishing protection tools and security software to target the human element. Another reason for it’s growing popularity? Well, ask yourself how many times you use the same login credentials for different sites and applications, and you’ll see that phishing threat actors can steal credentials once and likely use it at multiple locations.

Just how popular is credential stealing?

As reported by Threatpost, there was a 141 percent increase in compromised credentials between June and August of last year in North America alone. The totals for 2018 are also alarming, with credential stealing as a phishing end goal increasing over 70 percent, overcoming malware as the most common phishing attack for the year.

Credential stealing phishing attacks are targeting multiple industries and coming from numerous sources. Some examples…

1. Iranian hackers are targeting universities in a broad credential stealing effort. According to the Washington Times, “Researchers found more than 300 spoofed websites and login portals that had been created to resemble legitimate pages for 76 universities across 14 countries, including the United States and others.”
2. Dark Reading reported that healthcare organizations are facing a growing threat from credential stealing, with Humana and a newly acquired subsidiary, Family Physicians Group, seeing both employee and patient data compromised.
3. We blogged about a spear phishing attack that targeted HR departments and referenced a TechTarget article that noted phishing attacks are the top employee data breach threat for HR.
4. InfoSecurity Magazine reported that financial institutions have repeatedly been the target of a Trojan attack that targets the customers of large banks and steals their credentials.
5. Maybe more alarming is the discovery of over 85 apps available in the Google Play Store that were stealing credentials in late 2017 and early 2018, reportedly for a Russia-based social networking platform. These apps enjoyed over a million downloads in just seven months.

The success of these credential stealing phishing attacks is due to the human element, as mentioned above. While employee education efforts and training are all critical in a holistic effort, the sophistication of today’s credential stealing phishing attacks makes traditional security efforts insufficient.

Really, the only effective way to stop zero-hour credential stealing phishing threats is to use real-time phishing threat intelligence. Unlike other anti-phishing technologies and threat feeds, SlashNext Real-Time Phishing Threat Intelligence covers all six major categories of phishing and social engineering threats. Credential stealing, phishing exploits, social engineering scams, rogue software, phishing callbacks (C2s), and scareware threats.

See what credential stealing phishing threats and other phishing attacks your organization are missing. Try SlashNext Real-Time Phishing Threat Intelligence free for 15 days.