Beware of ‘Greatness’: Don’t Get Hooked by Phishing-as-a-Service

Ricky Carr

Bad actors are getting creative in their quest to access sensitive information. Awareness is one of the best forms of defense, and to that end, we’re sharing a two-minute overview of a notable, newly discovered Phishing-as-a-Service (PHaaS) platform dubbed “Greatness”.

What is Phishing-as-a-Service (PHaaS)?

Phishing-as-a-Service entails cybercriminals offering subscription-based access to phishing services and a collection of advanced phishing tools. While PHaaS platforms are not new to the threat landscape, they are increasing in prevalence, scale, and complexity.

A recent report from Cisco Talos Labs warns that “Greatness” is one of the newer PHaaS platforms gaining notoriety for targeting Microsoft 365 business users across North America, the U.K., South Africa and Australia. Because they use Microsoft 365 in business operations, the technology, healthcare, legal and manufacturing sectors are at increased risk. What sets “Greatness” apart from other PHaaS offerings is its collection of advanced features, including integration with Telegram bots, IP filtering, and multi-factor authentication bypass.


How do Bad Actors use PHaaS? 

The attachment and link builder tools commonly used to create realistic decoy login pages are prime examples of how bad actors leverage the latest functionality provided by a PHaaS platform. A decoy login page will display the actual company logo and the same background as the victim’s legitimate Microsoft 365 business login page and can even auto-fill the victim’s email address. The target doesn’t think twice about entering their private credentials on this familiar page, which is the equivalent of unknowingly handing over house keys to a burglar.

How to avoid becoming a PHaaS cyberattack victim

While phishing scams have increased in complexity, the techniques used for prevention remain simple. Be hyper-vigilant – watch out for spelling and grammar errors, unfamiliar email addresses, and sketchy login screens. Become a human firewall against cyberattacks – don’t let your guard down.

Contact Kraft Kennedy to discuss the security measures recommended for a heightened security posture.