The phishing campaign bypasses anti-spoofing protections and is otherwise difficult to identify as malicious.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Attackers have compromised SendGrid accounts to launch phishing attacks against other SendGrid customers. The phishing emails mask the malicious links using SendGrid's click-tracking feature. The phishing pages validate credentials and 2FA codes in real-time, making it harder for users to detect the fake pages.

Phishing attack uses compromised SendGrid accounts to target additional users