• About
  • Advertise
  • Careers
  • Contact Us
Friday, June 27, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
Home Business Security

Phishing via AWS 

by Techeconomy
August 11, 2023
in Security
1
Phishing via AWS
LAS VEGAS, NEVADA - NOVEMBER 30: Attendees walk through an expo hall during AWS re:Invent 2021, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 30, 2021 in Las Vegas, Nevada. (Photo by Noah Berger/Getty Images for Amazon Web Services)

LAS VEGAS, NEVADA - NOVEMBER 30: Attendees walk through an expo hall during AWS re:Invent 2021, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 30, 2021 in Las Vegas, Nevada. (Photo by Noah Berger/Getty Images for Amazon Web Services)

UBA
Advertisements

Writer: JEREMY FUCHS, Cybersecurity Researcher/Analyst at Check Point Software 

The hottest trend in the phishing world is leveraging legitimate services to send illegitimate messages.  It’s easy for hackers—sign up for an account, often free, at a variety of websites. We’ve seen things like Microsoft, Google, QuickBooks and PayPal. 

From the services in the tool, send out an email—an invoice, a document. The email comes directly from the service and is sent into the inbox, passing all typical checks. 

It’s easy for hackers to do, hard for security services to spot and difficult for end-users to notice.

A winning trifecta. Now, we’re seeing yet another legitimate tool used for these purposes—AWS. 

In this attack brief, Check Point Harmony Email researchers will discuss how hackers are using AWS to send out phishing links.

Attack

In this attack, hackers are utilizing sites hosted on AWS S3 Buckets to send phishing links. 

  • Vector: Email
  • Type: BEC 3.0
  • Techniques: Social Engineering, Credential Harvesting
  • Target: Any end-user 

Email Example 

 This starts with a standard-looking phishing email, requesting a password re-set. For many users, this email may be enough to stop engaging. Security services may be able to pick up on it, given the discrepancy in sender address. But the link in the address goes to an AWS S3 bucket, which is legitimate. 

Phishing via AWS 
Advertisements
MTN ADS
Source: Check Point Research

Should the user click on the link, they will be re-directed to the following page. 

Phishing via AWS 
Source: Check Point Research

There’s a few things to notice. First is the URL. It’s an S3 Bucket, a legitimate AWS site. Anyone can host a website—static or dynamic—on AWS. It requires a little more coding skills than some of the other BEC 3.0 attacks, but it’s not a huge lift.

Second, the hackers re-create a Microsoft login page. Further, the email address is already populated—user just has to enter the password. You’ll also notice in the URL bar that there’s a blurred out part. That’s where the email address of the victim goes, making it look like they are already logged in. 

Techniques

Unlike some of the BEC 3.0 attacks we’ve been chronicling, this attack requires slightly more technical skills on behalf of the attacker. That said, it’s still basic enough for the average hacker to execute.

The attackers are aiming for credentials. Once you get the credentials, you’ve got the keys to the kingdom. In this attack, the attackers are using an S3 bucket to host a webpage that will re-direct the credentials back to them. 

It’s fairly convincing—although not, as we’ll admit, as convincing as some of the others we’ve talked about recently on our blog. 

Still, it follows a practice that most users are familiar with—the banal task of resetting a password. It provides a look-a-like Microsoft login page. And the email is already populated, a nifty trick by hackers to lend legitimacy.  

End-users can spot this attack by looking at the URL. But we know that that’s not always the case. It’s far easier to just enter your password and get the reset over with.

That’s what hackers are hoping for.

Best Practices: Guidance and Recommendations

To guard against these attacks, security professionals can do the following:

  • Implement security that uses AI to look at multiple indicators of phishing 
  • Implement full-suite security that can also scan documents and file 
  • Implement robust URL protection that scans and emulates webpages

Loading

Author

  • Techeconomy
    Techeconomy

    View all posts
0Shares
Tags: AWSPhishingPhishing via AWS
Techeconomy

Techeconomy

Next Post
Eunisell MD at NAICE 2023

Eunisell's Pioneering Production Facilities to Transform Oil & Gas Landscape

Comments 1

  1. Pingback: Phishing via AWS - News Curators

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

Seeking Funding for your Business? Apply for the Sustainable Investment Initiative

Seeking Funding for your Business? Apply for the Sustainable Investment Initiative

3 years ago
Our Imagination in artificial intelligence by DEBOLA IBIYODE

How Our Imagination Plays a Huge Role in Artificial Intelligence

4 months ago

Popular News

    Connect with us

    • About
    • Advertise
    • Careers
    • Contact Us

    © 2025 TECHECONOMY.

    No Result
    View All Result
    • News
    • Tech
      • DisruptiveTECH
      • ConsumerTech
      • How To
      • TechTAINMENT
    • Business
      • Telecoms
      • Mobility
      • Environment
      • Travel
      • StartUPs
        • Chidiverse
      • TE Insights
      • Security
    • Partners
    • Economy
      • Finance
      • Fintech
      • Digital Assets
      • Personal Finance
      • Insurance
    • Features
      • IndustryINFLUENCERS
      • Guest Writer
      • EventDIARY
      • Editorial
      • Appointment
    • TECHECONOMY TV
    • Apply
    • TBS
    • BusinesSENSE For SMEs

    © 2025 TECHECONOMY.

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In
    Translate »
    This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.