Netskope reports phishing threats impacting Navy Federal Credit Union members in 2025

Netskope identified an increase in phishing incidents, particularly aimed at members of Navy Federal Credit Union, impacting around 3,000 users across 830 organizations from January to April 2025. The tactics used included hosting phishing pages on the Glitch platform and utilizing Telegram for data collection.

Phishing Campaigns Overview

During the reported timeframe, the traffic to phishing sites on Glitch saw a threefold increase. Attackers employed methods that bypassed Multifactor Authentication (MFA) and implemented custom CAPTCHA tests that hindered detection by static scanners.

Operational Tactics

Netskope noted that the Glitch platform facilitated the quick creation of phishing websites with distinct subdomains, allowing for operational anonymity. Attackers targeted usernames and passwords of Navy Federal Credit Union customers while also using JavaScript to collect additional user information, including Internet Protocol (IP) addresses.

Integration of Fake CAPTCHAs

Some phishing campaigns incorporated deceptive CAPTCHA mechanisms to mask their true intentions, misleading victims into providing their sensitive information. The use of Telegram allowed these attackers to retrieve stolen credentials with the assistance of fake confirmation messages designed to assure victims of the legitimacy of their actions.

Insights on Business Technology Leadership

In a separate report, Netskope examined the changing dynamics of business technology leadership, emphasizing the need for adaptability, relationship-building, and an integrated security approach in decision-making processes. Technology leaders are urged to cultivate trust and see security as a communal responsibility.

Gartner Recognition

Netskope was recognized as a Leader in the Gartner Magic Quadrant for Security Service Edge for the fourth year in a row. It ranked first in three use cases and second in three others, underscoring its consistent performance in the field.

Data Loss Prevention Strategy

Netskope outlined the necessity of an effective Data Loss Prevention (DLP) strategy as organizations face evolving cybersecurity threats. A comprehensive DLP solution is recommended to ensure continuous monitoring and enforcement of protective measures for sensitive data amidst changing regulatory requirements.

This summary captures core elements of Netskope's recent findings and insights regarding phishing threats, technology leadership, and the importance of security measures. The content highlights pressing concerns relevant to decision-makers within the cybersecurity landscape.