Online scams are at an all-time high and thieves have found a way to leverage legitimate services to gather stolen data from phishing attacks.
What’s going on?
Threat actors are using Google Forms and Telegram as alternative ways to accumulate stolen data and start using them immediately. Moreover, automated phishing platforms available on the dark web contain Telegram bots. The admin panel takes care of the overall phishing attack and associated financial records.
Why does this matter?
The cybercrime-as-a-model has gained huge popularity among cybercriminals and these platforms are propagated under the same model. More groups have started resorting to this model, thus, broadening the scope of threat activity.
Some stats your way
- More than 260 unique brands were targeted by phishing kits last year. These kits were most commonly used to generate web pages imitating online services.
- Online services were the most targeted at 30.7%, while financial institutions stood at 20%.
- Free emails are the most common way (66%) of harvesting phishing websites. Most of them were created using Yandex or Gmail.
- Attackers can accumulate data in two ways - local and remote.
- Alternative ways of compromising data account for 6% of incidents.
- The fight against cybercrime has become more challenging with the introduction of phishing kits. Attacks are now automated and blocked websites are instantly replaced with new web pages.
The bottom line
All the new techniques and tactics evolved by threat actors highlight the fact that the conventional approach in monitoring and blocking phishing websites is just not enough. The automation of these attacks potentially results in the spread of complex social engineering tactics used in large-scale attacks, keeping the age-old threat of phishing alive.