A phishing attack taking place against an organization has revealed a crafty method to bounce between victims in a way deemed “ingenious” by a researcher.
This is how it worked: once one email account was compromised, the credentials for the account were sent to a remote bot. The bot would then sign into the account and analyze emails sent within the past several days.
