Phishing-as-a-Service Is now a Thing

By September 10, 2016Bitcoin Business

Malware, Trojans, Viruses and any form of informatic attack is now a normal occurrence in the day-to-day lives of internet users. Still, it is somewhat worrying that even not technically-skilled people can now launch a malicious attack as if they were sending an email. Black markets, darknet, deep web, and other obscure parts of the internet became popular because of their morally dubious offerings. Security firm Fortinet released a blog post detailing the inner workings of a new threat that may be in the spotlight in the future –if it’s not already– we are talking about Malware-as-a-Service (MaaS) and a new variant called Phishing-as-a-Service (PHaaS). MaaS and PHaas are services provided by ‘cyber crooks’ to basically sell their knowledge on informatic systems –along with malicious software– and enable non-skilled users to launch their own cyberattacks. Fortinet has discovered a Russian website called ‘Fake-Game’ where subscribers of the website have access to customized phishing links to be sent to unwary victims. The link is appended by an affiliate ID which, in this case, is our subscriber’s ID. This allows the website to track which stolen accounts belong to which subscriber. A subscriber can then spread the phishing site to prospective victims. Once a victim enters a credential into the subscriber’s phishing link, a prompt showing the stolen information appears The website makes it easy for users to create the malicious links, it even has a dashboard where subscribers can have a look at all the successful stolen credentials. Fortinet notes that ‘Fake-Game’ also provides links to novice cybercriminals that points to Russian websites where subscribers can sell the stolen information. […] stolen credentials can be sold from $ 0.015 USD up to $ 15.39 USD at current exchange rates. Fake-Game even offers customer service via in-web chat. According to the […]

Leave a Reply

All Today's Crypto News In One Place