Credential Harvesting
A credential harvesting attack is a cyberattack designed to steal usernames, passwords, and other authentication credentials from victims.
Attackers use various methods to collect these credentials, including phishing emails that direct users to fake login pages, malware that captures keystrokes, social engineering tactics, and data breaches of poorly secured systems.
The harvested credentials are typically used for unauthorized access to accounts, identity theft, or financial fraud, or are sold on dark web marketplaces to other cybercriminals. Attackers often target high-value accounts like banking, email, or corporate systems, but may also collect credentials indiscriminately to build large databases for future exploitation.
Common credential harvesting techniques include fake websites that mimic legitimate login pages, email phishing campaigns, password-stealing malware like keyloggers, credential stuffing attacks using previously breached password lists, and man-in-the-middle attacks on unsecured networks. Organizations can defend against credential harvesting through multi-factor authentication, employee security awareness training, email filtering systems, and monitoring for suspicious login attempts.




