Kaspersky’s Stolen Amazon SES Token Used For Phishing

Kaspersky recently confirmed that a legitimate Amazon Simple Email Service (SES) token, issued to a third-party vendor, was recently used by threat actors to target Office 365 users in a phishing attack.

The attackers used two phishing kits, including “Iamtheboss” and “MIRCBOOT.”

Although the attackers used an official Kaspersky email and sent the emails from the Amazon Web Services infrastructure, which provided them with the support they needed to reach their target mailboxes without being flagged, Kaspersky noted that “No server compromise, unauthorized database access or any other malicious activity was found at and associated services,”

The SES token was revoked immediately after the phishing attacks were discovered.

Going forward, Kaspersky urged users and phishing attackers to remain vigilant and not disclose their information or login credentials even if the message comes from a familiar or well-known brand.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web