SIM swapping to bypass MFA (convincing mobile carriers to transfer a victim's phone number to an attacker-controlled SIM) - Purchasing stolen credentials from dark web marketplaces - Searching public code repositories (GitHub) for inadvertently committed credentials - Calling helpdesks and using soc