Credential Stealing

Credential stealing is one of the oldest forms of phishing attack. This type of attack tricks the user into giving up their credentials by presenting a near-copy of a legitimate web page. Replica pages often leverage popular global brands such as Google, Microsoft, Dropbox, and Yahoo. Some come complete with functional “Password Reset” options, and some ask for secondary email accounts, mobile phone numbers, or security questions for “enhanced security”.

 

These attacks are effective because the user usually can’t differentiate between the fake page and the legitimate one. Virtually any brand can be easily impersonated, and the inherent trust that the brand has created with its customers is the very thing that attackers use to their advantage. Enterprises have tried to reduce their exposure to these sorts of attacks by training their employees on how to identify and avoid these kinds of fake sign-in pop-ups and pages. However, despite training, humans make mistakes.

Optum Credential Stealing Threat

Example: A spoofed site designed to steal credentials 


Phishing Threats

Today, while man-in-the-middle (MiTM) attacks are still a big concern, the security endpoint has shifted to the browser, creating a man-in-the-browser (MiTB) phishing threat that poses real danger.

In recent years, phishing has overtaken malware as the number one threat action. Recent workforce changes spurred by the pandemic have led to an exponential increase in phishing attacks.

 

Just how prevalent are these phishing callbacks and C2 infections? In every client install we perform – 100 percent! – we see C2 infections and callbacks. Are you compromised?

In 2020 phishing exploded as the world faced a 100-year pandemic and many people moved to remote working and learning, which changed the phishing threat landscape forever. 
