Canva design platform actively abused in credentials phishing
2020-10-14 09:00

Free graphics design website Canva is being abused by threat actors to create and host intricate phishing landing pages.

Canva is a graphic design platform that lets users create posters, letterheads, holiday cards, and other digital media that can then be downloaded as an image, shared as HTML with clickable links, or printed.

According to a new report by cybersecurity firm Cofense, threat actors are increasingly using Canva to create hosted HTML landing pages that redirect phishing victims to fake login forms.

"Canva is probably aware of the problem, removing malicious files as and when they're found but, as our research has concluded, many of these malicious files have remained on Canva's hosted platform for hours and even days at a time. Sites, such as Google where hackers have traditionally hosted their phishing emails, appear to be a lot faster in detecting and removing them, which is another reason threat actors have begun to exploit the Canva platform," Cofense explains in their report.

Because Canva serves only as an intermediary redirect page, when the final phishing landing page is taken down, the attackers can update their Canva designs to point to a new final phishing URL so that their campaign is not broken.


News URL

https://www.bleepingcomputer.com/news/security/canva-design-platform-actively-abused-in-credentials-phishing/