Security News > 2022 > August > Phishing attacks abusing SaaS platforms see a massive 1,100% growth

Threat actors are increasingly abusing legitimate software-as-a-service platforms like website builders and personal branding spaces to create malicious phishing websites that steal login credentials.

Because SaaS platforms simplify and streamline the process of creating new sites, phishing actors can easily switch to different themes, scale up or diversify their operations, and quickly respond to reports and takedowns.

Unit 42 has divided the abused platforms into six categories: file sharing and hosting sites, form and survey builders, website builders, note-taking and documentation writing platforms, and personal portfolio spaces.

The Unit 42 report explains that in many cases, the phishing actors host their credential stealing pages directly on the abused services, so they send an email to targets containing a URL leading to the page.

The phishing site can be hosted on a bulletproof service provider that doesn't respond to takedown requests, so the phishing actors follow that practice to increase campaign uptime while sacrificing the conversion rate.

Stopping the abuse of legitimate SaaS platforms will be very hard, as implementing aggressive email filters against those services isn't a choice.

News URL

https://www.bleepingcomputer.com/news/security/phishing-attacks-abusing-saas-platforms-see-a-massive-1-100-percent-growth/