EvilProxy Phishing Attack Targets Indeed Job Platform
EvilProxy Phishing Attack Targets Indeed Job Platform
Threat Level
Attack Report
For a detailed threat advisory, download the pdf file here
Summary
A new phishing campaign has emerged, specifically targeting high-profile US executives. This campaign takes advantage of open redirects from the jobs platform Indeed and employs EvilProxy to pilfer session cookies. Stolen session cookies bypass all authentication mechanisms, including multi-factor authentication (MFA), potentially granting unauthorized access to attackers.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.