IMAP-Based Attacks Compromising Accounts at ‘Unprecedented Scale’

That’s according to researchers with Proofpoint, who found that in the past half year, a staggering 60 percent of Microsoft Office 365 and G Suite tenants have been targeted with IMAP-based password-spraying attacks; and 25 percent of those targeted experienced a full-on breach as a result.

Password-spraying attacks are when an attacker attempts to access a large number of accounts or usernames with a few commonly used passwords – seen most recently in the Citrix security incident from last week. In a Thursday report that analyzed over 100,000 unauthorized logins across millions of monitored cloud user-accounts, it’s clear that more attackers using this method are leveraging IMAP – the legacy protocol used for accessing and storing mail on mail servers – and when combined with recent massive credential dumps, it allows the compromise of accounts “at an unprecedented scale.”

Read more…
Source: ThreatPost