Phished Account Credentials Mostly Verified in Hours

Attackers from 44 countries used look-alike cloud portals to collect users’ credentials, verified the majority of username-password combination in hours, and used them to send malicious payloads and spam to other Internet users and to conduct business email compromise (BEC), email-security firm Agari states in a new report. The report summarizes a six-month study by Agari researchers, who created an automated system to create 8,000 email accounts and submit them to phishing sites after those sites were discovered.

Read full article on Dark Reading