ADVERTISEMENT
  • About
  • Advertise
  • Careers
  • Contact Us
Tuesday, August 26, 2025
  • Login
No Result
View All Result
NEWSLETTER
Tech | Business | Economy
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs
  • Chidiverse
No Result
View All Result
Tech | Business | Economy
No Result
View All Result
ADVERTISEMENT
Home Business Security

Phishing via AWS 

by Techeconomy
August 11, 2023
in Security
1
Phishing via AWS
LAS VEGAS, NEVADA - NOVEMBER 30: Attendees walk through an expo hall during AWS re:Invent 2021, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 30, 2021 in Las Vegas, Nevada. (Photo by Noah Berger/Getty Images for Amazon Web Services)

LAS VEGAS, NEVADA - NOVEMBER 30: Attendees walk through an expo hall during AWS re:Invent 2021, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 30, 2021 in Las Vegas, Nevada. (Photo by Noah Berger/Getty Images for Amazon Web Services)

UBA
Advertisements

Writer: JEREMY FUCHS, Cybersecurity Researcher/Analyst at Check Point Software 

The hottest trend in the phishing world is leveraging legitimate services to send illegitimate messages.  It’s easy for hackers—sign up for an account, often free, at a variety of websites. We’ve seen things like Microsoft, Google, QuickBooks and PayPal. 

From the services in the tool, send out an email—an invoice, a document. The email comes directly from the service and is sent into the inbox, passing all typical checks. 

It’s easy for hackers to do, hard for security services to spot and difficult for end-users to notice.

A winning trifecta. Now, we’re seeing yet another legitimate tool used for these purposes—AWS. 

In this attack brief, Check Point Harmony Email researchers will discuss how hackers are using AWS to send out phishing links.

Attack

In this attack, hackers are utilizing sites hosted on AWS S3 Buckets to send phishing links. 

  • Vector: Email
  • Type: BEC 3.0
  • Techniques: Social Engineering, Credential Harvesting
  • Target: Any end-user 

Email Example 

 This starts with a standard-looking phishing email, requesting a password re-set. For many users, this email may be enough to stop engaging. Security services may be able to pick up on it, given the discrepancy in sender address. But the link in the address goes to an AWS S3 bucket, which is legitimate. 

Phishing via AWS 
MTN ADS
Source: Check Point Research

Should the user click on the link, they will be re-directed to the following page. 

Phishing via AWS 
Source: Check Point Research

There’s a few things to notice. First is the URL. It’s an S3 Bucket, a legitimate AWS site. Anyone can host a website—static or dynamic—on AWS. It requires a little more coding skills than some of the other BEC 3.0 attacks, but it’s not a huge lift.

MTN ADS

Second, the hackers re-create a Microsoft login page. Further, the email address is already populated—user just has to enter the password. You’ll also notice in the URL bar that there’s a blurred out part. That’s where the email address of the victim goes, making it look like they are already logged in. 

Techniques

Unlike some of the BEC 3.0 attacks we’ve been chronicling, this attack requires slightly more technical skills on behalf of the attacker. That said, it’s still basic enough for the average hacker to execute.

The attackers are aiming for credentials. Once you get the credentials, you’ve got the keys to the kingdom. In this attack, the attackers are using an S3 bucket to host a webpage that will re-direct the credentials back to them. 

It’s fairly convincing—although not, as we’ll admit, as convincing as some of the others we’ve talked about recently on our blog. 

Still, it follows a practice that most users are familiar with—the banal task of resetting a password. It provides a look-a-like Microsoft login page. And the email is already populated, a nifty trick by hackers to lend legitimacy.  

End-users can spot this attack by looking at the URL. But we know that that’s not always the case. It’s far easier to just enter your password and get the reset over with.

That’s what hackers are hoping for.

Best Practices: Guidance and Recommendations

To guard against these attacks, security professionals can do the following:

  • Implement security that uses AI to look at multiple indicators of phishing 
  • Implement full-suite security that can also scan documents and file 
  • Implement robust URL protection that scans and emulates webpages

Loading

Author

  • Techeconomy
    Techeconomy

    View all posts
0Shares

MTN ADS
Tags: AWSPhishingPhishing via AWS
Techeconomy

Techeconomy

Next Post
Eunisell MD at NAICE 2023

Eunisell's Pioneering Production Facilities to Transform Oil & Gas Landscape

Comments 1

  1. Pingback: Phishing via AWS - News Curators

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recommended

NASENI Smartphone and other Products

Orders Pour in for NASENI Smartphone, Battery, Laptop and other Products

1 year ago
Oluwole Asalu on Nigeria ICT sector

Driving Nigeria’s ICT Growth: The Path to Realising Our Tech Potential

11 months ago

Popular News

  • Spotify to Raise Premium Fee

    Spotify to Raise Premium Fee to €11.99 in Nigeria, Other Regions

    0 shares
    Share 0 Tweet 0
  • ABAN Marks 10 Years with Landmark 2025 Congress in Lagos

    0 shares
    Share 0 Tweet 0
  • CONNOVATE 2025: NITDA Pushes for AI-Security Integration as Pillar of Nigeria’s Digital Future

    0 shares
    Share 0 Tweet 0
  • Spotify to Raise Premium Prices in September as It Targets 1 Billion Users

    0 shares
    Share 0 Tweet 0
  • ABAN at 10: Fadilah Tchoumba on Celebrating Lagos Congress and the Future of Angel Investing

    0 shares
    Share 0 Tweet 0

Connect with us

  • About
  • Advertise
  • Careers
  • Contact Us

© 2025 TECHECONOMY.

No Result
View All Result
  • News
  • Tech
    • DisruptiveTECH
    • ConsumerTech
    • How To
    • TechTAINMENT
  • Business
    • Telecoms
    • Mobility
    • Environment
    • Travel
    • StartUPs
      • Chidiverse
    • TE Insights
    • Security
  • Partners
  • Economy
    • Finance
    • Fintech
    • Digital Assets
    • Personal Finance
    • Insurance
  • Features
    • IndustryINFLUENCERS
    • Guest Writer
    • EventDIARY
    • Editorial
    • Appointment
  • TECHECONOMY TV
  • Apply
  • TBS
  • BusinesSENSE For SMEs

© 2025 TECHECONOMY.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Translate »
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.