Credential Harvesters are described as...

Credential harvesting is a phishing tactic that tries to steal usernames and passwords by prompting users to enter them on fake login pages or through deceptive requests. This approach is very common because stolen credentials open easy access to accounts and can be reused across services, making credential-focused phishing the most frequent type of phishing. These emails often impersonate legitimate services or security alerts and urge actions like “verify your account” or “reset your password,” directing users to look-alike sites to harvest credentials. It isn’t limited to internal testing or harmless in nature; attackers deploy it broadly in real campaigns. That combination of targeting login details and its prevalence is why it’s described as the most common phishing emails targeting credentials.