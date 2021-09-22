A phishing-as-a-service (PhaaS) operation, dubbed BulletProofLink and discovered by Microsoft, has been behind a number of phishing campaigns against the private sector. Researchers at the tech giant uncovered the operation after finding a campaign that used more than 300,000 “newly created and unique subdomains” in a single run. The operation sells phishing kits, email templates, hosting and automated services—all at fairly low prices. Microsoft explained that some PhaaS groups offer everything needed for a campaign from soup to nuts—template creation, hosting and overall orchestration. That’s a lucrative business model for their “clientele.” Those service providers also offer a hosted scam page solution called fully undetected, or FUD, links. That’s their own marketing term meant to assure customers that the links are viable until users click them.

TECHNOLOGY ・ 5 DAYS AGO