Cyber Bites

Active Redtail Credential Harvesting Phishing Campaign

There is an active phishing campaign targeting Redtail users with the goal of tricking them into giving up login credentials (also known as a credential harvesting attack).

There appear to be several emails currently in use. Examples below.


  1. If you get a message indicating an issue with your Redtail account or Redtail email, do NOT click the link in the email to resolve the issue. Open a browser and log into Redtail directly or call Redtail support.

  2. Make sure multifactor authentication is enabled on your Redtail account/email; it is not enabled by default.

Sample phishing messages:

The links in these messages lead to this phony login screen hosted on a server in Reykjavik, Iceland:


Credential harvesting - The practice of obtaining sensitive information, such as usernames and passwords, from unsuspecting individuals through deceptive methods such as phishing emails and fake login pages.

Source: Security Snapshot

