Security News > 2022 > May > Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service

The Resecurity HUNTER unit identified a new underground service called "Frappo", which is available on the Dark Web.

"Frappo" acts as a Phishing-as-a-Service and enables cybercriminals to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online services to steal customer data.

Initially, the service popped up on the Dark Web around March 22, 2021 and has been significantly upgraded since then.

The service provides phishing pages for over 20 financial institutions, online retailers and popular services - including Amazon, Uber, Netflix, Bank of Montreal, Royal Bank of Canada, CIBC, TD Bank, Desjardins, Wells Fargo, Citizens, Citi and Bank of America.

Notably, the deployment process of phishing pages is fully automated - "Frappo" is leveraging a pre-configured Docker container and a secure channel allowing it to collect compromised credentials via API. Once "Frappo" is properly configured, statistical data will be collected and visualized, such as: how many victims opened the phishing page, accessed authorization and entered credentials, uptime, and the server status.

"Resecurity is committed to protecting consumers and enterprises all over the globe, and is actively involved in public-private partnerships to share actionable cyber threat intelligence with financial institutions, technology companies and law enforcement to ultimately minimize the risk of credentials being compromised and data breaches being executed," said Christian Lees, Chief Technology Officer of Resecurity, Inc. Resecurity is an Affiliate Member of FS-ISAC and an Official Member of Infragard, who aim to combat cybercriminal activity targeting financial services and Internet users globally.

News URL

https://www.helpnetsecurity.com/2022/05/10/frappo-phishing-service/