A significant rise in identity-based threats has been noted, especially with info-stealing malware and phishing kits, resulting in a 156% increase in targeted cyberattacks. These attacks focus on user logins, with malicious actors stealing credentials via malware and phishing to conduct business email compromise attacks and steal funds from bank accounts or cryptocurrency wallets. The emergence of phishing-as-a-service platforms simplifies cyberattacks for individuals lacking technical skills, providing pre-made pages for services like Microsoft 365. Infostealers are projected to represent 35% of malware threats by 2025, targeting stored passwords for easy access.
According to a report from eSentire, info-stealing malware and advanced phishing kits account for a 156% increase in cyberattacks that target user logins.
Malicious actors are often accessing login credentials and session cookies via malware and phishing in order to carry out business email compromise (BEC) attacks, gain access to bank accounts, or take cryptocurrency.
Phishing-as-a-service platforms are making it simpler to carry out cyberattacks with minimal technical experience, providing pre-made phishing pages for popular platforms such as Microsoft 365 and Google Workspace.
Infostealers are also offered as a service and account for 35% of detected malware threats in 2025, targeting passwords stored in browsers due to their convenience.
Collection
[
|
...
]