Kaspersky warns of phishing attacks via compromised Amazon Simple Email Service accounts
Kaspersky has detected phishing and business email compromise (BEC) attacks that are leveraging Amazon Simple Email Service (SES) – a cloud-based email service designed for businesses and developers to send and receive high-volume marketing, notification, and transactional emails (for instance, password resets). Because these emails are sent via a trusted service, they originate from reputable IP addresses, frequently include legitimate “.amazonses.com” identifiers. This makes phishing messages nearly indistinguishable from legitimate correspondence at a technical level. Users should treat unexpected emails with extreme caution.
The attacks are driven by the theft and exposure of credentials from Amazon Web Services (AWS). The attackers are using leaked AWS Identity and Access Management Keys – often found in public repositories, misconfigured cloud storage, and exposed configuration files. With automated tools, threat actors can identify valid keys and abuse them to send large volumes of malicious emails through legitimate infrastructure operated by Amazon.
Attackers disguise...
Copyright of this story solely belongs to itvoice.in. To see the full text click HERE