Code of Conduct Phishing Emails Target 35,000 Users in Multi-Stage AiTM Attack

📅 5 May 2026 at 12:30 UTC📰 Cyber Security NewsView original source ↗

A large-scale phishing campaign has been caught using fake “code of conduct” emails to trick employees into giving up their account credentials. The attackers did not just steal passwords. They went a step further by hijacking active authentication sessions through an adversary-in-the-middle (AiTM) technique, making standard multi-factor authentication (MFA) protection largely ineffective. The campaign ran […] The post Code of Conduct Phishing Emails Target 35,000 Users in Multi-Stage AiTM Attack appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

A large-scale phishing campaign using fake 'code of conduct' emails tricked employees into giving up their account credentials, hijacking active authentication sessions through an adversary-in-the-middle (AiTM) technique, rendering standard MFA protection ineffective.

⚙️Technical Details

Affected Systems

Employees' accounts

Attack Vectors

Fake 'code of conduct' emails

💥Impact Assessment

Severity: Critical

Who Is at Risk

Employees with access to company accounts

🛡️Recommended Actions

1Verify authenticity of incoming emails

2Use two-factor authentication (2FA) or alternative MFA methods

3Monitor account activity for suspicious behavior

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News ↗

← Back to feed