Cybercriminals Exploit Human Nature Through Phishing and Spam Attacks
See Intelligence-Led Security In Action Attend a Live Product Demo

Cybercriminals Continue to Exploit Human Nature Through Phishing and Spam Attacks

April 6, 2021 • Insikt Group®

Insikt Group

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Recorded Future analyzed current data from the Recorded Future® Platform, information security reporting, and other open source intelligence (OSINT) sources pertaining to phishing and spamming that facilitate threat actor campaigns. This report expands upon findings addressed in the report “Combating the Underground Economy’s Automation Revolution”, and will be of most interest to network defenders, security researchers, and executives charged with risk management and mitigation.

Executive Summary

In our March 2020 report “Combating the Underground Economy’s Automation Revolution”, we identified automated services and products that facilitate criminal activities. Phishing and spamming are attack vectors that often operate in tandem by bypassing network security settings, maintaining presence on targeted machines and networks, and extracting credentials for nefarious activities. This report dives further into phishing and spamming, identifying customized phishing and spamming kits and services within select dark web forums and analyzing widely used variants, and providing mitigation strategies to identify and deter phishing and spamming products attempting to intrude into your network.

Key Judgments

  • Developers of phishing and spamming tools are creating kits and offering services that are customizable, automated, and designed to be user friendly to cater to non-technical and amateur users.
  • Threat actors are using phishing and spamming services to bypass network security settings with the intent of deploying malware. 
  • Threat actors are discussing specific phishing and spamming variants on different forums, with “Multithread WebMailer GoMAIL Pro Edition” and “uPanel” being widely advertised and discussed.
  • Spamming and phishing as a service (PhaaS) are popular topics of discussion between threat actors on forums. Some commonly discussed tools include Evilginx and MoneySpamBot.

Editor’s Note: This post was an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

New call-to-action

Related Posts

Protect Against BlackMatter Ransomware Before It’s Offered

Protect Against BlackMatter Ransomware Before It’s Offered

August 4, 2021 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report To read the entire analysis,...

“Beijing One Pass” Employee Benefits Software Exhibits Spyware Characteristics

“Beijing One Pass” Employee Benefits Software Exhibits Spyware Characteristics

July 29, 2021 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report To read the entire analysis,...

BlackMatter Ransomware Emerges As Successor to DarkSide, REvil

BlackMatter Ransomware Emerges As Successor to DarkSide, REvil

July 27, 2021 • Insikt Group®

BlackMatter is a new ransomware-as-service (RaaS) affiliate program that was founded in July...