{"id":47929,"date":"2022-08-10T15:09:17","date_gmt":"2022-08-10T15:09:17","guid":{"rendered":"http:\/\/b6950972-fa3c-4581-9022-aab01a479f71"},"modified":"2022-08-10T15:09:17","modified_gmt":"2022-08-10T15:09:17","slug":"cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","title":{"rendered":"Cloudflare was the target of a sophisticated phishing attack. Here&#8217;s why it didn&#8217;t work"},"content":{"rendered":"<figure class=\"c-shortcodeImage u-clearfix c-shortcodeImage-large\">\n<div class=\"c-shortcodeImage_imageContainer\">\n<div class=\"c-shortcodeImage_image\"><picture class=\"c-cmsImage\"><!----> <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/\" alt=\"getty-two-people-in-an-office-looking-at-a-computer\" height=\"800\" width=\"1200\"><\/picture><\/div>\n<p> <!----> <!----><\/div>\n<p> <!----><figcaption> <span class=\"c-shortcodeImage_credit g-outer-spacing-top-xsmall g-color-gray70 u-block g-text-xsmall\">Image: Getty\/gilaxia<\/span><\/figcaption><\/figure>\n<p>Cloudflare has <a href=\"https:\/\/blog.cloudflare.com\/2022-07-sms-phishing-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">detailed what it describes as a &#8220;targeted phishing attack&#8221;<\/a> against its staff that was prevented from doing damage because all employees are required to use <a href=\"https:\/\/www.zdnet.com\/article\/better-than-the-best-password-how-to-use-2fa-to-improve-your-security\/\" rel=\"follow\">multi-factor authentication<\/a> (MFA) in the form of physical security keys in order to access applications.&nbsp;<\/p>\n<p>That meant that even with the correct usernames and passwords, the attackers couldn&#8217;t access accounts and no systems were compromised.&nbsp;<\/p>\n<p>According to cybersecurity researchers at Cloudflare who analysed the attack, it was a sophisticated attack targeting employees and systems &#8220;in such a way that we believe most organizations would be likely to be breached&#8221;.&nbsp;<\/p>\n<p>Cloudflare has detailed what happened because they believe the culprit is still out there targeting multiple organisations.<\/p>\n<p>The incident started on July 20 when at least 76 Cloudflare employees received <a href=\"https:\/\/www.zdnet.com\/article\/what-is-phishing-how-to-protect-yourself-from-scam-emails-and-more\/\" rel=\"follow\">phishing<\/a> texts to either their work or personal phones which looked like messages pointing to what appeared to be Cloudflare&#8217;s Okta login page. Weirdly, some of the phishing messages were also sent to family members of some of the employees. &nbsp;<\/p>\n<p><strong><strong>SEE:&nbsp;<\/strong><a href=\"http:\/\/www.zdnet.com\/topic\/a-winning-strategy-for-cybersecurity\/?ftag=CMG-01-10aaa1b\" rel=\"follow\"><strong>A winning strategy for cybersecurity<\/strong><\/a><strong>&nbsp;(ZDNet special report)&nbsp;<\/strong><\/strong><\/p>\n<p>It&#8217;s unknown how the attacker got hold of the phone numbers, but the messages \u2013 all of which were sent out in under the space of a minute &#8211; claimed that &#8216;your Cloudflare schedule has been updated&#8217; and directed the targets to click on an official looking Okta domain for Cloudflare which asked anyone visiting it to enter their username and password. If someone who clicked on the link did this, it passed their username and password to the attackers.&nbsp;<\/p>\n<p>According to Cloudflare, three employees who received the phishing message fell for it and entered their credentials. However, the attackers couldn&#8217;t do anything with the stolen login details because of Cloudflare&#8217;s requirement for employees to use a hardware key when they sign in.&nbsp;<\/p>\n<p>There was also an additional element of phishing messages designed to download <a href=\"https:\/\/www.zdnet.com\/article\/big-jump-in-rdp-attacks-as-hackers-target-staff-working-from-home\/\" rel=\"follow\">remote access software onto the victim&#8217;s machine<\/a>, which would allow the attacker to control it remotely. However, Cloudflare says none of the victims at the company reached this stage and their endpoint security systems would&#8217;ve prevented unauthorised software from being installed.&nbsp;<\/p>\n<p>After detecting the attack after it was reported by employees receiving the suspicious messages, Cloudflare blocked the phishing domain to prevent employees from being able to access it.&nbsp;<\/p>\n<p>The company also identified the employees who had received the phishing text messages and followed the link to enter their credentials. These employees had their passwords reset and were logged out of any active sessions in order to prevent any unauthorised access.&nbsp;<\/p>\n<p>Cloudflare also moved quickly to take down the domain used in the phishing attacks \u2013 set up under an hour before the campaign started. The company has also used the incident to incorporate additional detection mechanisms into their defences to help identify any future campaigns by the same attackers \u2013 this information has also been shared with other organisations which have been targeted.&nbsp;<\/p>\n<p><strong>SEE: <\/strong><a href=\"https:\/\/www.zdnet.com\/article\/why-you-really-need-multi-factor-authentication-these-ransomware-hackers-gave-up-when-they-saw-it\/\" rel=\"follow\"><strong>These ransomware hackers gave up when they hit multi-factor authentication<\/strong><\/a><\/p>\n<p>While the phishing attack was successfully stopped from doing damage, Cloudflare says there are still lessons which can be learned from the incident, including how &#8220;having a paranoid but blame-free culture is critical for security&#8221;.&nbsp;<\/p>\n<p>&#8220;We&#8217;re all human and we make mistakes. It&#8217;s critically important that when we do, we report them and don&#8217;t cover them up. This incident provided another example of why security is part of every team member at Cloudflare&#8217;s job,&#8221; the company said.&nbsp;<\/p>\n<p>Cloudflare also says that the incident demonstrates how effective using physical keys is for securing people and networks, because despite the attackers successfully gaining access to legitimate login credentials, the lack of a key meant they couldn&#8217;t exploit it. &#8220;We have not seen any successful phishing attacks since rolling hard keys out,&#8221; said Cloudflare.&nbsp;<\/p>\n<p>Researchers suggest that those behind this campaign could still be out there, attempting to target others \u2013 and Cloudflare hopes that by sharing what happened, it helps other victims stay safe from attacks.&nbsp;<\/p>\n<p><strong>MORE ON CYBERSECURITY<\/strong><\/p>\n<p>READ MORE <a href=\"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#ftag=RSSbaffb68\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cloudflare has detailed how a phishing attacked duped employees &#8211; and says the attackers are targeting other companies too.<br \/>\nREAD MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[62],"tags":[],"class_list":["post-47929","post","type-post","status-publish","format-standard","hentry","category-zdnet-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cloudflare was the target of a sophisticated phishing attack. Here&#039;s why it didn&#039;t work 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cloudflare was the target of a sophisticated phishing attack. Here&#039;s why it didn&#039;t work 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-08-10T15:09:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cloudflare was the target of a sophisticated phishing attack. Here&#8217;s why it didn&#8217;t work\",\"datePublished\":\"2022-08-10T15:09:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\"},\"wordCount\":707,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/article\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\",\"articleSection\":[\"ZDNet | Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\",\"name\":\"Cloudflare was the target of a sophisticated phishing attack. Here's why it didn't work 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.zdnet.com\\\/article\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\",\"datePublished\":\"2022-08-10T15:09:17+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.zdnet.com\\\/article\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\",\"contentUrl\":\"https:\\\/\\\/www.zdnet.com\\\/article\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cloudflare was the target of a sophisticated phishing attack. Here&#8217;s why it didn&#8217;t work\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cloudflare was the target of a sophisticated phishing attack. Here's why it didn't work 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","og_locale":"en_US","og_type":"article","og_title":"Cloudflare was the target of a sophisticated phishing attack. Here's why it didn't work 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-08-10T15:09:17+00:00","og_image":[{"url":"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Cloudflare was the target of a sophisticated phishing attack. Here&#8217;s why it didn&#8217;t work","datePublished":"2022-08-10T15:09:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/"},"wordCount":707,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","articleSection":["ZDNet | Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","url":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","name":"Cloudflare was the target of a sophisticated phishing attack. Here's why it didn't work 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#primaryimage"},"thumbnailUrl":"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","datePublished":"2022-08-10T15:09:17+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#primaryimage","url":"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/","contentUrl":"https:\/\/www.zdnet.com\/article\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cloudflare-was-the-target-of-a-sophisticated-phishing-attack-heres-why-it-didnt-work\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cloudflare was the target of a sophisticated phishing attack. Here&#8217;s why it didn&#8217;t work"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47929","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=47929"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/47929\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=47929"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=47929"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=47929"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}