Latest Phishing-as-a-Service news

ONNX phishing service targets Microsoft 365 accounts at financial firms

A new phishing-as-a-service (PhaaS) platform called ONNX Store is targeting Microsoft 365 accounts for employees at financial firms using QR codes in PDF attachments.
- Bill Toulas
- June 18, 2024
- 04:28 PM
- 0
New V3B phishing kit targets customers of 54 European banks

Cybercriminals are promoting a new phishing kit named 'V3B' on Telegram, which currently targets customers of 54 major financial institutes in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy.
- Bill Toulas
- June 04, 2024
- 02:53 PM
- 0
LabHost phishing service with 40,000 domains disrupted, 37 arrested

The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer.
- Bill Toulas
- April 18, 2024
- 05:52 AM
- 0
New Darcula phishing service targets iPhone users via iMessage

A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.
- Bill Toulas
- March 27, 2024
- 06:12 PM
- 0
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts

Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection.
- Bill Toulas
- March 25, 2024
- 12:56 PM
- 3
LabHost cybercrime service lets anyone phish Canadian bank users

The Phishing as a Service (PhaaS) platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity.
- Bill Toulas
- February 27, 2024
- 02:19 PM
- 0
Police takes down BulletProftLink large-scale phishing provider

The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.
- Bill Toulas
- November 11, 2023
- 11:06 AM
- 0
EvilProxy uses indeed.com open redirect for Microsoft 365 phishing

A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from the Indeed employment website for job listings.
- Bill Toulas
- October 03, 2023
- 09:00 AM
- 0
Classiscam fraud-as-a-service expands, now targets banks and 251 brands

The "Classiscam" scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before.
- Bill Toulas
- August 31, 2023
- 04:00 AM
- 0
EvilProxy phishing campaign targets 120,000 Microsoft 365 users

EvilProxy is becoming one of the more popular phishing platforms to target MFA-protected accounts, with researchers seeing 120,000 phishing emails sent to over a hundred organizations to steal Microsoft 365 accounts.
- Bill Toulas
- August 09, 2023
- 05:00 AM
- 0
Interpol takes down 16shop phishing-as-a-service platform

A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service (PhaaS) platform.
- Bill Toulas
- August 08, 2023
- 01:21 PM
- 0
Crypto phishing service Inferno Drainer defrauds thousands of victims

A cryptocurrency phishing and scam service called 'Inferno Drainer' has reportedly stolen over $5.9 million worth of crypto from 4,888 victims.
- Bill Toulas
- May 22, 2023
- 12:49 PM
- 0
New 'Greatness' service simplifies Microsoft 365 phishing attacks

The Phishing-as-a-Service (PhaaS) platform named 'Greatness' has seen a spike in activity as it targets organizations using Microsoft 365 in the United States, Canada, the U.K., Australia, and South Africa.
- Bill Toulas
- May 10, 2023
- 08:00 AM
- 2
Telegram now the go-to place for selling phishing tools and services

Telegram has become the working ground for the creators of phishing bots and kits looking to market their products to a larger audience or to recruit unpaid helpers.
- Bill Toulas
- April 06, 2023
- 03:23 AM
- 0
Robin Banks phishing service returns to steal banking accounts

The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service (DDoS) attacks.
- Bill Toulas
- November 04, 2022
- 11:48 AM
- 2
Caffeine service lets anyone launch Microsoft 365 phishing attacks

A phishing-as-a-service (PhaaS) platform named 'Caffeine' makes it easy for threat actors to launch attacks, featuring an open registration process allowing anyone to jump in and start their own phishing campaigns.
- Bill Toulas
- October 10, 2022
- 05:47 PM
- 0
Phishing-as-a-service operation uses double theft to boost profits

Microsoft says BulletProofLink, a large-scale phishing-as-a-service operation it spotted while investigating recent phishing attacks, is the driving force behind many phishing campaigns that have targeted many corporate organizations lately.
- Sergiu Gatlan
- September 22, 2021
- 09:43 AM
- 0
Cash App phishing kit deployed in the wild, courtesy of 16Shop

The developer of the 16Shop phishing kit has added a new component that targets users of the popular Cash App mobile payment service.
- Ionut Ilascu
- March 03, 2021
- 03:29 AM
- 0
Telegram-based phishing service Classiscam hits European marketplaces

Dozens of cybercriminal gangs are publishing fake ads on popular online marketplaces to lure interested users to fraudulent merchant sites or to phishing pages that steal payment data.
- Ionut Ilascu
- January 14, 2021
- 07:06 AM
- 0
Office 365 phishing abuses Oracle and Amazon cloud services

A rather complex phishing scheme for stealing Office 365 credentials from small and medium-sized businesses in the U.S. and Australia combines cloud services from Oracle and Amazon into its infrastructure.
- Ionut Ilascu
- November 27, 2020
- 01:43 PM
- 2