Tycoon 2FA Phishing Kit Exploits Amazon SES to Steal User Credentials
The attack begins with emails from an Amazon SES client containing empty PDF attachments and a message from Docusign. Despite some checks failing, the emails can still appear legitimate due to the compromised source.