By NHI Mgmt Group Editorial Team
Published 2025-10-20
Domain: Governance & Risk
Source: Arkose Labs

TL;DR: LabHost-style reverse proxy phishing is capturing fresh credentials and MFA tokens in real time, bypassing bot management and blacklist-based defenses, while the operation reached nearly 990,000 Canadians and more than 1.2 million incidents, according to Arkose Labs. The real control gap is session integrity, because valid credentials can now be weaponised before traditional detection sees anything unusual.


At a glance

What this is: Arkose Labs argues that reverse proxy phishing now defeats bot management by stealing live credentials and MFA tokens during authentication, not after the fact.

Why it matters: For IAM teams, this shifts the problem from blocking automation to verifying session integrity across human login flows, adjacent NHI authentication patterns, and account takeover response.



Context

Reverse proxy phishing, also called adversary-in-the-middle phishing, sits between the user and the real login page and relays credentials in real time. For identity teams, the important shift is that the attacker is no longer recycling old breach data. The compromise happens during a live authentication session, which means MFA can be captured and reused before standard fraud controls react.

This is a human identity attack, but the governance lesson extends into NHI and agentic programmes because the same trust assumptions fail when credentials are treated as proof of legitimacy. Bot management was built to spot automation patterns, yet modern phishing infrastructure is designed to look like a normal session and to defeat reputation-based filtering.

Arkose Labs frames the issue as a session integrity problem rather than a pure bot problem, which is the right boundary. Security teams need to ask whether authentication flows still assume that a valid credential means a legitimate actor, because reverse proxy phishing proves that assumption is no longer reliable.


Key questions

Q: How should security teams stop reverse proxy phishing from bypassing MFA?

A: Use controls that inspect the session path, not just the credential outcome. Reverse proxy phishing can relay a valid MFA response in real time, so successful login is no longer a reliable trust signal. Teams should combine session integrity checks, risk-based step-up, and device and browser consistency analysis to separate legitimate sign-ins from mediated ones.

Q: Why do bot management controls miss modern phishing attacks?

A: Bot management is tuned for automation, velocity, and known credential stuffing patterns. Reverse proxy phishing often uses human-paced interaction and fresh credentials, so it looks legitimate to those controls. The failure is not that bot management is useless, but that it solves a different problem from real-time credential theft and session hijacking.

Q: What do security teams get wrong about valid credentials?

A: They often treat a valid credential as proof of a trusted actor. In reverse proxy phishing, the attacker captures real credentials and MFA responses during the live session, so the authentication event is genuine but the path is not. Identity programmes need to separate credential validity from session legitimacy.

Q: How should IAM and fraud teams respond when phishing uses live sessions?

A: They should focus on containment signals that can act before the attacker completes the session. That means real-time scoring, step-up challenges, and rapid suspension paths for suspicious authentication journeys, plus tighter coordination between IAM and fraud teams so a compromised session is handled as an active incident.


Technical breakdown

How reverse proxy phishing intercepts live credentials

Reverse proxy phishing places an attacker-controlled server between the user and the real identity provider. The fake page forwards the login flow to the legitimate site, captures the username, password, and MFA response, then relays the authenticated session back to the attacker. Because the credential set is fresh and valid, downstream controls often see a normal login rather than an obvious compromise. The core weakness is that authentication proof is transferred out of band without changing the visible user experience, so teams need controls that evaluate the session path, not just the credential value.

Practical implication: Add session-level verification that can distinguish direct authentication from proxy-mediated sign-in.

Why bot management misses session hijacking

Bot management is strongest when the attacker is using automation, high velocity, or replayed credentials. Reverse proxy phishing removes those signals by using human-paced interactions and freshly harvested MFA tokens. The result is a legitimate-looking session from a normal device, which can evade velocity rules, device fingerprinting, and blacklist checks. This is why reputation and automation signals are necessary but insufficient: identity programmes should treat credential theft as an authentication integrity failure, not a bot classification problem.

Practical implication: Use behavioural and session-integrity signals that remain effective after valid credentials are captured.

Why domain reputation cannot keep pace with attack infrastructure

Phishing operators frequently use short-lived domains, rotating infrastructure, and traffic discrimination to avoid scanners. A site can serve harmless content to crawlers while exposing phishing content to real users, which weakens domain-based detection before the domain ever accumulates a reputation score. By the time blacklists and spam filters update, the campaign may already be complete. This makes static indicator-based defence structurally slow relative to the attacker's lifecycle, so defenders need controls that challenge the session in real time rather than waiting for domain attribution.

Practical implication: Prioritise live inspection and risk scoring at authentication time over delayed blocklist response.


Threat narrative

Attacker objective: The attacker wants immediate access to legitimate accounts using fresh, valid credentials that bypass traditional anti-bot and blacklist controls.

  1. Entry begins when the victim is directed to a reverse proxy phishing site that mirrors the legitimate login page and relays the authentication flow.
  2. Escalation occurs when the attacker captures valid credentials and MFA tokens in real time, then replays the authenticated session against the target service.
  3. Impact follows when the attacker uses the hijacked session to access enterprise accounts and weaponise the stolen identity for fraud or further compromise.

Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.


NHI Mgmt Group analysis

Session integrity, not bot detection, is now the governance boundary that matters. Bot management was designed for automation, velocity, and known abuse patterns. Reverse proxy phishing bypasses those assumptions by using live interaction and valid MFA responses, which means the login can look normal even when the actor is not trustworthy. The implication is that identity governance must evaluate whether a session is genuinely bound to the intended user, not merely whether a credential was accepted.

Credential legitimacy no longer proves actor legitimacy. Traditional IAM and MFA programmes often treat a successful login as a valid control outcome. In a reverse proxy attack, the credential is real but the path is hostile, so the trust signal has already been separated from the identity event. This is a human IAM failure mode that also matters for NHI environments where secrets or tokens are exchanged through similarly weak trust assumptions. Practitioners need to stop equating authentication success with session trust.

Reverse proxy phishing creates session integrity debt: authentication controls keep certifying sessions that adversaries are actively mediating. That debt accumulates wherever reputation lists, static blacklists, and delayed fraud review are expected to catch live compromise. The article’s numbers show the scale, but the deeper problem is structural: attack infrastructure can be disposable while the victim’s session is immediate. The implication is that teams must reassess which controls still depend on stale indicators.

Human identity compromise and NHI abuse are converging on the same weak premise. Whether the target is a person signing in or a machine credential being replayed, the failure begins when identity proof is assumed to be durable after the moment of issuance. That assumption breaks under real-time interception, delegated access, and automated follow-on abuse. Practitioners should align human IAM, NHI governance, and fraud response around live session trust rather than isolated authentication events.

From our research:

  • 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, according to The 2024 ESG Report: Managing Non-Human Identities.
  • Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months.
  • For a broader breach pattern view, The 52 NHI breaches Report shows how compromised credentials tend to create repeat exposure rather than one-off loss.

What this signals

Reverse proxy phishing is a reminder that identity attacks now succeed by preserving the appearance of normality. For IAM programmes, that means the next control frontier is not just stronger login barriers, but better judgement about whether a session is trustworthy once a credential has already been validated. The organisations that adapt fastest will treat session assurance as part of the identity control plane, not a fraud-only concern.

Session integrity debt: when controls keep certifying sessions that have already been mediated by an attacker, the programme accumulates hidden risk. That debt will surface wherever security teams still depend on reputation lists and delayed reviews rather than live authentication telemetry. Practitioners should expect more overlap between phishing, account takeover, and delegated credential abuse.

The broader NHI lesson is that valid tokens and valid passwords are not enough to establish legitimacy once the path to authentication is compromised. As machine identity estates grow, the same pattern will matter for secrets, API keys, and delegated workloads, which is why teams should align fraud response, IAM telemetry, and NHI governance around session-level trust.


For practitioners

  • Add session integrity checks at authentication time: Validate the path of the login, not only the credential result. Use signals that can detect proxy-mediated sign-ins, abnormal relay patterns, and inconsistent client-server behaviour during the authentication flow.
  • Tune fraud and identity signals for fresh credential abuse: Assume the attacker is using live credentials and MFA responses minutes after capture. Build detections around impossible session characteristics, not just reused passwords, and route suspicious logins into step-up or containment workflows.
  • Reduce reliance on domain reputation alone: Treat blacklist and spam-filter success as one layer, not a control boundary. Pair real-time inspection with device and session risk scoring so short-lived phishing infrastructure is not allowed to age into credibility.
  • Map the same trust failure into NHI programmes: Review machine and service identity flows for places where valid tokens are assumed to imply a legitimate actor. The same lesson applies when secrets, API keys, or delegated credentials are replayed through hostile intermediaries.
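A session-path scoring routine, added here to illustrate the checks described in the technical breakdown and in the first two practitioner items above (example code, not Arkose Labs' or NHIMG's). It assumes each login journey is logged as password, MFA and session-use events carrying the peer IP and TLS client fingerprint the identity provider actually observed, plus the browser family the client claimed in its User-Agent; the field names, fingerprints and the fingerprint-to-browser table are constructed for the example.

```python
# Added example, not code from Arkose Labs or NHIMG. Scores one login journey
# for path inconsistencies. Field names, fingerprints and the
# fingerprint-to-browser table are constructed for illustration.
from dataclasses import dataclass
from typing import Dict, List

# Constructed: TLS ClientHello fingerprints known to belong to a browser family.
KNOWN_TLS_PROFILES: Dict[str, str] = {
    "tlsfp-chrome-a": "Chrome",
    "tlsfp-firefox-a": "Firefox",
}

@dataclass
class AuthEvent:
    step: str        # "password", "mfa" or "session_use"
    src_ip: str      # peer address of the connection the IdP terminated
    tls_fp: str      # TLS fingerprint of that connection
    ua_family: str   # browser family the client claims in User-Agent

def score_journey(events: List[AuthEvent]) -> Dict[str, object]:
    """Return {'decision': allow|step_up|contain, 'reasons': [...]}."""
    reasons: List[str] = []
    auth_steps = [e for e in events if e.step in ("password", "mfa")]
    uses = [e for e in events if e.step == "session_use"]

    # 1. The connection carrying the credential should come from the browser
    #    that claims to be sending it. A relay terminates its own TLS, so the
    #    fingerprint the IdP sees is the relay's, not the claimed browser's.
    for e in auth_steps:
        if KNOWN_TLS_PROFILES.get(e.tls_fp) != e.ua_family:
            reasons.append(f"{e.step}: TLS stack does not match claimed {e.ua_family}")

    # 2. Password and MFA should arrive over one client identity.
    if len({(e.src_ip, e.tls_fp) for e in auth_steps}) > 1:
        reasons.append("client identity changed between password and MFA")

    # 3. The issued session should be used by the client that authenticated;
    #    use from elsewhere means the credential was accepted but the path was not.
    authed = {(e.src_ip, e.tls_fp) for e in auth_steps}
    if authed and any((u.src_ip, u.tls_fp) not in authed for u in uses):
        reasons.append("session used from a client that did not authenticate")

    if not reasons:
        decision = "allow"
    elif any(r.startswith("session used") for r in reasons):
        decision = "contain"   # active hijack: revoke the session, open an incident
    else:
        decision = "step_up"   # mediated path suspected: challenge before issuing
    return {"decision": decision, "reasons": reasons}
```

The "step_up" outcome is the point at which the page's risk-based challenge applies, before a session is issued; "contain" corresponds to the rapid suspension path for a session already in hostile hands.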

Key takeaways

  • Reverse proxy phishing defeats assumptions built into bot management because the attacker uses live credentials and MFA tokens rather than replayed breach data.
  • The scale is material, with LabHost-linked activity affecting nearly 990,000 Canadians and generating more than 1.2 million incidents.
  • The control that matters most is session integrity, because authentic credentials can still belong to a hostile authentication path.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

NIST CSF 2.0, NIST SP 800-63 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

  • NIST CSF 2.0 (PR.AC-7): Session trust is directly challenged by proxy-mediated authentication.
  • NIST SP 800-63: The article concerns authentication assurance and MFA session trust.
  • NIST Zero Trust (SP 800-207) (PR.AC-4): Zero trust requires ongoing verification beyond a successful login.

Treat successful authentication as one signal and keep evaluating session trust throughout access.


Key terms

  • Reverse Proxy Phishing: A phishing method where an attacker places an intermediary server between the user and the real login service. The user signs in on a fake site that relays the authentication flow, allowing the attacker to capture live credentials and often MFA tokens during the legitimate session.
  • Session Integrity: The degree to which an authenticated session can be trusted to belong to the intended user and path of access. In practice, it examines whether the login was direct, whether the device and browser signals align, and whether the session has been mediated or replayed by an attacker.
  • Adversary-in-the-Middle: An attack pattern in which the attacker sits between the user and the target service and transparently relays traffic. This technique is especially effective against MFA because it can capture tokens in real time while preserving the appearance of a normal authentication event.
  • Credential Theft: The unauthorised capture of passwords, tokens, API keys, or other secrets that prove identity. In modern phishing, theft is often immediate rather than delayed, which means defenders must evaluate the authenticity of the session path, not just the validity of the credential itself.

Deepen your knowledge

NHI governance, agentic AI identity, and machine identity lifecycle are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.

This post draws on content published by Arkose Labs: Website Scraping Beyond Bot Management, Why Reverse Proxy Phishing Demands a New Defense Strategy. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2025-10-20.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org