Yes, There is Phishing-as-a-Service

Hackers and scammers are always trying to turn a profit on businesses just like yours, and you might be surprised by some of their ingenuity. One way some hackers choose to make a profit is by twisting the “as a service” business model into something particularly dangerous. Even Microsoft has gone on record and called out a particular group of Phishing-as-a-Service providers as a problem.

Phishing-as-a-Service is nothing new, and other threats have utilized the “as a service” business model in the past. Ransomware in particular has been known to utilize this type of service from time to time. What makes this particular case special is that it takes something that is already quite accessible to amateur hackers and lowers the bar of entry, creating even more opportunities for people to make a quick buck off of others’ misfortune.

Providers of this service, including BulletProofLink and others, sell their clients products such as email and website templates, email delivery, hosting, and credential theft. Of particular note is that they offer these services in the form of what are called fully unidentifiable links. The service provider hosts these components on its own servers and works to harvest credentials for the client. The danger of these services lies less in the theft of the credentials itself than in the fact that those credentials can be sold to other, even more dangerous attackers who can launch ransomware attacks and other infections.

In other words, the buyers of these credentials are not guaranteed credentials that work; they are simply paying for the opportunity to receive credentials that might work.

This particular Phishing-as-a-Service offering gives attackers access to links that provide them with several templates of login pages, including those for services like Microsoft OneDrive, Google Docs, Dropbox, LinkedIn, Adobe, and many more. Another way these services can be used is “double-theft,” in which the provider steals credentials for one customer, then sells them to yet another customer. This also impacts the ransomware workflow, as ransomware attackers can encrypt data after it is compromised and threaten to sell it or release it in exchange for a ransom.

Our goal here is not necessarily to provide you with the nitty-gritty details of how these threats operate (that would take a lot of technical jargon and in-depth explanation), but rather to showcase just how innovative hackers can be under the right circumstances. You absolutely cannot underestimate them; doing so could prove to be a fatal mistake on your part.

In a world where you have to be cautious of every little thing, particularly with regard to the Internet, you shouldn’t have to worry about your business’s network security. Let Lantek do the heavy lifting for your business so that you can instead focus on staying productive throughout the workday. To learn more about how we can keep your business safe, reach out to us at (610) 683-6883.

October 13, 2021
Shawn Kramer