Digital Risk Protection Service
[Whitepaper] How Cybercriminals Use Phishing Kits?
Phishing is using account login, banking, identity, etc., in attacks planned by cybercriminals against the target person or organization. It is a social engineering attack, among the most preferred threats to obtaining sensitive information.
Phishing kits are sold or rented directly by the creator or other criminals using the Crime-as-a-Service model. In addition to selling phishing kits, trading or bartering of previously compromised web servers referred to as “Shells” or “cPanel” in underground forums occur. Such campaigns are closely related to the web hosting responsible for hosting the phishing kits. Another service area revealed by the phishing service in underground forums and markets is the tools used to send the email (Spamming Tool) and the list of spam email recipients (Spam List).
Phishing Kits identify malicious tools that combine all the components cybercriminals need to create a phishing campaign with fake login pages, scripts, and templates, and these kits are sold or rented directly by the creator or other criminals using the Crime-as-a-Service model.
Brandefense Threat Reports
– Cyber Threat Intelligence Team