Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals
"This platform has an intuitive interface and comes at a relatively low cost while providing a multitude of features and tools to its criminal clients to orchestrate and automate core elements of their phishing campaigns," Mandiant said in a new report.
Core features offered by the platform include the ability to craft customized phishing kits, manage redirect pages, dynamically generate URLs that host the payloads, and track the success of the campaigns.
"Although the use of phishing platforms is certainly not a novel mechanism to facilitate attacks, it is worth noting that such feature-rich options, like Caffeine, are readily accessible to cybercriminals," the researchers said.
In a PhaaS offering, the operator typically develops and deploys a significant chunk of the phishing campaign, from fake sign-in pages and website hosting to site templates and credential theft.
The evolution of email-based phishing threats into a service-based economy means that adversaries who aim to conduct phishing attacks can now simply purchase such resources and infrastructure without having to build them themselves.
The ultimate goal of the phishing campaign is to facilitate the theft of Microsoft 365 credentials through rogue sign-in pages hosted on legitimate WordPress sites, indicating that the Caffeine actors are leveraging compromised admin accounts, misconfigured websites, or flaws in web infrastructure platforms to deploy the kits.
News URL
https://thehackernews.com/2022/10/researchers-warn-of-new-phishing-as.html