Malicious actors increasingly put privileged identity access to work across attack chains

Posted on by

Attackers continue to impersonate popular brands in their phishing messages, with Microsoft Outlook, Apple, LinkedIn, Amazon, PayPal, Shein, Prime, and Netflix among the top abused brands. But more enterprise-specific services and terms are also frequently used, including DHL Express, Confluence, SharePoint Online, WordPress, HR Department, Docusign, Accounts Payable, Support, and Admin.

Malicious links are by far the most popular phishing method, used by 58% of rogue emails, followed by malicious attachments (25%) and voice phishing (17%).

Lateral movement: Leveraging privileged access to act in plain sight

Once situated on the corporate network, compromised credentials also allow attackers to expand access to other internal systems with a reduced likelihood of being discovered or triggering malware detection.