Phishing Off a Peer: How Threat Actors Use Third Parties to Execute Advanced Phishing Campaign

In early 2023, BlueVoyant’s cyber threat analysts identified and began investigating a new phishing tactic: third-party phishing.

Third-party phishing campaigns use intermediary sites that redirect victims to a phishing site impersonating a brand they trust. The third-party or intermediary site allows the threat actors to better evade detection and collect credentials from customers of a wider array of companies.

The scale, complexity, and successful deployment of advanced evasion mechanisms make this phishing technique far more efficient and effective than traditional standalone phishing sites.

Download the report now to learn:

  • How attackers use intermediary websites to dupe customers of multiple brands at the same time
  • The scope of the third-party phishing trend, including which industries and geographies are being hit the hardest
  • How to position your organization to successfully defend against this type of attack