incident • medium • Credential Theft • Phishing

Aug 08, 2024 • Wiz Security Research

Emerging phishing campaign targeting AWS accounts


Source: Wiz Security Research
Category: incident
Severity: medium

Executive Summary

Wiz Threat Research has identified an emerging phishing campaign specifically targeting Amazon Web Services (AWS) accounts. This activity highlights the continued focus by adversaries on cloud infrastructure credentials to gain unauthorized access. While specific threat actors or malware families have not been publicly attributed to this campaign at this time, the intent appears to be credential harvesting for initial access into cloud environments. Organizations utilizing AWS services should exercise heightened vigilance regarding unsolicited communications requesting login details. Mitigation strategies should include enforcing multi-factor authentication (MFA) across all IAM users, monitoring AWS CloudTrail logs for anomalous sign-in activity, and conducting user awareness training to recognize phishing attempts. The severity is assessed as medium due to the widespread nature of phishing, though the targeting of cloud admin accounts elevates the potential impact significantly if successful. Immediate review of access policies is recommended.
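One way to act on the CloudTrail monitoring recommendation above, as an added example that is not from the Wiz report: it reviews ConsoleLogin records and flags IAM user or root sign-ins without MFA, any root sign-in, and a success that follows repeated failures from the same source IP. The sample records, account ID, user names, IPs and the failure threshold are constructed assumptions.

```python
from collections import defaultdict

FAILURE_THRESHOLD = 3  # assumption: failures per source IP before a success looks suspicious

def _rec(time, id_type, arn, ip, result, mfa):
    """Constructed record using CloudTrail's ConsoleLogin field names."""
    return {"eventTime": time, "eventName": "ConsoleLogin", "sourceIPAddress": ip,
            "userIdentity": {"type": id_type, "arn": arn},
            "responseElements": {"ConsoleLogin": result},
            "additionalEventData": {"MFAUsed": mfa}}

# Constructed sample data: account ID, names and IPs (documentation ranges) are made up.
BOB = "arn:aws:iam::111122223333:user/bob"
SAMPLE_EVENTS = [
    _rec("2024-08-08T09:00:00Z", "IAMUser", "arn:aws:iam::111122223333:user/alice", "198.51.100.10", "Success", "Yes"),
    _rec("2024-08-08T09:10:00Z", "IAMUser", BOB, "203.0.113.7", "Failure", "No"),
    _rec("2024-08-08T09:11:00Z", "IAMUser", BOB, "203.0.113.7", "Failure", "No"),
    _rec("2024-08-08T09:12:00Z", "IAMUser", BOB, "203.0.113.7", "Failure", "No"),
    _rec("2024-08-08T09:13:00Z", "IAMUser", BOB, "203.0.113.7", "Success", "No"),
    _rec("2024-08-08T10:00:00Z", "Root", "arn:aws:iam::111122223333:root", "198.51.100.20", "Success", "Yes"),
    _rec("2024-08-08T10:30:00Z", "AssumedRole", "arn:aws:sts::111122223333:assumed-role/sso-admin/carol", "198.51.100.30", "Success", "No"),
]

def review_console_logins(events, failure_threshold=FAILURE_THRESHOLD):
    """Return (finding, principal, source_ip) tuples for risky console sign-ins."""
    findings, failures_by_ip = [], defaultdict(int)
    for ev in sorted(events, key=lambda e: e.get("eventTime", "")):
        if ev.get("eventName") != "ConsoleLogin":
            continue
        ident = ev.get("userIdentity") or {}
        who = ident.get("arn") or "unknown"  # failed sign-ins may carry no ARN
        ip = ev.get("sourceIPAddress", "unknown")
        result = (ev.get("responseElements") or {}).get("ConsoleLogin")
        mfa = (ev.get("additionalEventData") or {}).get("MFAUsed")
        if result == "Failure":
            failures_by_ip[ip] += 1  # keyed by IP so ARN-less failures still count
            continue
        if result != "Success":
            continue
        # Federated sessions show MFAUsed "No" because MFA happens at the identity
        # provider, so only IAM users and root are judged on this field.
        if mfa != "Yes" and ident.get("type") in ("IAMUser", "Root"):
            findings.append(("no_mfa", who, ip))
        if ident.get("type") == "Root":
            findings.append(("root_login", who, ip))
        if failures_by_ip[ip] >= failure_threshold:
            findings.append(("success_after_failures", who, ip))
        failures_by_ip[ip] = 0  # reset the streak after a successful sign-in
    return findings
```

Calling `review_console_logins` on parsed CloudTrail records returns the findings in event-time order, ready to feed into an alerting pipeline.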

Summary

Wiz Threat Research recently spotted a new phishing campaign targeting AWS accounts.
