Security News > 2024 > February > LabHost cybercrime service lets anyone phish Canadian bank users
The Phishing as a Service platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity.
LabHost isn't a new provider, but its popularity surged after introducing custom phishing kits for Canadian banks in the first half of 2023.
Fortra, following the cybercriminal's activity, reports that LabHost has overtaken cybercriminals' previous favorite PhaaS platform, Frappo, and is now the primary driving force behind most phishing attacks targeting Canadian bank customers.
Apart from phishing kits for banks, the templates include phishing pages for online services like Spotify, postal delivery services like DHL, and regional telecommunication service providers.
LabHost enables attackers to steal 2FA protection on targeted accounts by linking the phishing process to 'LabRat,' a real-time phishing management tool that lets cybercriminals monitor and control an active phishing attack.
In addition to the above, when LabHost relaunched following the October disruption, it introduced a new SMS spamming tool named 'LabSend,' which embeds links to LabHost phishing pages on SMS messages.