Credential Harvesting: How Criminals Steal Your Logins

  • FEBRUARY 3RD, 2025

Introduction

Credential harvesting has become increasingly sophisticated, with cybercriminals employing various techniques to steal login credentials. These attacks can lead to account takeovers, financial theft, and identity fraud, making them a significant threat to both individuals and organisations.

In September 2021, Microsoft reported a sophisticated campaign that compromised over 10,000 organisations by bypassing multi-factor authentication through adversary-in-the-middle attacks. The attackers used advanced phishing techniques to capture both credentials and MFA tokens, demonstrating how modern attacks can circumvent traditional security measures.

Common Tricks Used by Cybercriminals

  • Phishing Websites: Fake login pages mimicking legitimate services to steal credentials.
  • Social Engineering: Urgent messages tricking users into revealing login details.
  • Fake Security Alerts: Fraudulent warnings prompting users to enter credentials.
  • Malicious Apps & Extensions: Rogue mobile apps and browser add-ons that steal login information.
  • Business Email Compromise: Attackers impersonate executives to request sensitive data.
  • SMS Phishing (Smishing): Fraudulent text messages leading to phishing sites.

Best Practices for Preventing Credential Harvesting

  • Enable Multi-Factor Authentication (MFA): Adds an extra layer of security beyond passwords.
  • Use Unique Passwords: Prevents credential reuse across multiple accounts.
  • Verify URLs Before Logging In: Always check the website address before entering credentials.
  • Avoid Clicking Login Links: Never sign in via email links; visit the official site instead.
  • Install Anti-Phishing Tools: Use browser extensions that detect phishing attempts.
  • Keep Software Updated: Regularly update systems to patch vulnerabilities.
  • Use Password Managers: Securely store and generate strong passwords.
  • Security Awareness Training: Educate users on recognizing phishing attempts.
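
The "Verify URLs Before Logging In" practice can be automated in a mail gateway or browser helper. The sketch below is an added example, not part of the original advisory: it checks a link against an allowlist of sign-in hosts and names the common lookalike tricks it finds. The allowlist, the host names and the function name are constructed assumptions.

```python
import difflib
from urllib.parse import urlsplit

# Constructed sample allowlist (assumption): the exact hosts users sign in to.
TRUSTED_LOGIN_HOSTS = {"login.example.com", "accounts.example.org"}


def check_login_url(url, trusted=TRUSTED_LOGIN_HOSTS):
    """Return (ok, reasons); ok is True only for an HTTPS URL on a trusted host."""
    reasons = []
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")  # hostname is already lowercased
    except ValueError:
        return False, ["URL could not be parsed"]

    if parts.scheme != "https":
        reasons.append("not HTTPS")
    if "@" in parts.netloc:
        # https://trusted@other.test/ connects to other.test, not to "trusted"
        reasons.append("text before '@' is userinfo, not the real host")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        reasons.append("internationalised label, possible homoglyph")

    if host not in trusted:
        if any(host.startswith(t + ".") for t in trusted):
            reasons.append("trusted name used as a subdomain of another domain")
        elif difflib.get_close_matches(host, sorted(trusted), n=1, cutoff=0.85):
            reasons.append("lookalike of a trusted host")
        reasons.append("host is not on the trusted list")
    return not reasons, reasons


if __name__ == "__main__":
    # Constructed sample links, using reserved example/test domains.
    samples = [
        "https://login.example.com/signin",
        "http://login.example.com/signin",
        "https://login.example.com@evil.test/",
        "https://login.example.com.evil.test/",
        "https://login.examp1e.com/",
        "https://xn--lgin-55d.example.com/",
    ]
    for link in samples:
        ok, why = check_login_url(link)
        print("OK  " if ok else "WARN", link, "; ".join(why))
```

A string-similarity check only catches near misses of hosts already on the list, so the allowlist match remains the deciding test.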
