Capital One Customers Targeted By Credential Harvesting Phishing Campaign
KnowBe4 , Thursday, May 29th, 2025
The KnowBe4 Threat Lab has identified an active phishing campaign impersonating Capital One.
The attacks are sent from compromised email accounts to help them evade reputation-based detection by native security and secure email gateways (SEGs).
Once delivered, the attacks use stylized HTML templates and brand impersonation to trick the recipient into believing the communications are legitimate.