![Illustrates the high-level flow a user follows to fall victim to these multi-step phishing campaigns that ultimately attempt to steal credentials.](https://keepaware.com/wp-content/uploads/2024/05/multi-step-phishing-campaign.png)
A Link, Click, and a Phish Away! Using Legitimate Domains for a Multi-Step Phishing Attack
Key points: Overview Keep Aware has observed phishing attacks that use legitimate domains to host links that eventually lead to a credential stealing web page.