Phishing kits as a service (Attacks For SALE!)

Microsoft researchers have discovered a large operation that is using phishing kits to send millions of emails daily with malicious attachments. The company believes that this campaign is responsible for the recent uptick in phishing attacks against companies and organizations worldwide. This type of attack involves sending emails with malicious links or attachments designed to trick people into giving up sensitive information like passwords and credit card numbers. The have now evolved into a monthly subscription service pricing from $300 - $1000 / month.

Phishing kits are used to obtain credentials and install spyware.

Phishing kits are used to send millions of emails daily, according to a recent Microsoft report. The emails contain malicious attachments that can infect the recipient's computer and install spyware or ransomware.

Phishing kits allow cybercriminals to easily create customized phishing campaigns with little technical knowledge required. They're available for sale on underground forums and marketplaces, where they sell for as little as $100 per kit or individual component (such as templates).

The emails use Microsoft Exchange as an attack vector.

  • The emails are being sent to a large number of recipients.

  • The emails are being sent in large volumes.

  • The attackers have a high degree of success with their phishing campaigns, which is why Microsoft is warning users about them now.

The malware can steal email credentials and session cookies, install spyware and distribute ransomware.

Phishing kits are pre-packaged software tools that cybercriminals use to create phishing emails. These kits allow attackers to easily send millions of emails, targeting thousands of recipients at once. The malware can steal email credentials and session cookies, install spyware and distribute ransomware.

Microsoft warns that this type of malicious activity is on the rise due to its ease of use: "The only thing a bad guy needs is access to an email account (or several) with credentials; then he can create thousands more accounts just like those," says Microsoft Security Response Center researcher Matt Nelson in his blog post about phishing kits.

The company is working with law enforcement to identify the source of these attacks.

Microsoft is working with law enforcement to identify the source of these attacks. The company is also working with other companies to help protect customers, and it's reaching out to security researchers who can help identify new variants of these phishing kits.

Microsoft says it will continue to update its antispam filters and other security tools as it learns more about this large-scale campaign.

Other phishing attacks may be using these kits as well, researchers warn

Phishing kits are used by hackers to easily create and send thousands of emails that look like they're from a legitimate company. The kits allow the attacker to change the subject line, body text, logo and other elements of an email without needing to write code or know how to use HTML.

Typically, these phishing attacks will appear as an email from a bank or another financial institution asking you to click on an attachment or link within the message. Once you click on it, you're directed to what looks like an official login page for your bank where you enter your username and password--but it's actually stealing those credentials for hackers' use later on (or worse).

Microsoft says that although most security companies have been able to identify these malicious emails before they reach users' inboxes--thanks in part because they contain certain keywords like "password reset" or "account verification"--the sheer number being sent means some people will still fall victim if they don't know what signs indicate whether something is fishy.

Conclusion

Microsoft has issued a warning about the use of phishing kits that could send millions of emails each day. The company says it has identified at least two such kits that are being used to target users with malicious attachments and URLs. These attacks use Microsoft Exchange as an attack vector, which means they can bypass most email filters because they look legitimate. However, Microsoft says its own security systems have been able to detect these emails since last year and block them before they reach users' inboxes