Step 1 – Acquire a login list 

The attackers gather the required information from email IDs (firstname.lastname@company.com), online profiles, data compiled from past security breaches etc. 

Step 2 – Spray passwords 

With the help of online publications, the attacker gathers information on commonly used passwords. They select a password and try it against the entire list of accounts. If the attack is not successful, they wait for 30 minutes to avoid triggering a timeout and then try the next password. 

Step 3 – Gain access

Once the password works against one of the accounts, attackers gain access to user’s cloud resources, accounts, networks and systems.