Credential & Identity Theft
The "goal" of most phishing attacks. This section explains that the purpose of the attack is often credential theft—to steal a user's login and password for their bank, their Office 365 account, etc.
Questions about Credential & Identity Theft
What is credential theft?
How do phishing emails steal credentials?
What is account takeover (ATO)?
How do attackers gain access to sending infrastructure?
How do compromised ESP accounts cause widespread spam?
What’s the risk of weak API keys or tokens?
What is OAuth token abuse?
How can SPF/DKIM be bypassed after compromise?
How can users detect unauthorized login attempts?
How do mail providers lock accounts post-compromise?
What is 2FA (Two-Factor Authentication) in email security?
What is password spraying or credential stuffing?
How does password reuse enable compromise?
What are signs of internal compromise in an ESP or MTA?