Cybercriminals Exploit Human Nature Through Phishing and Spam Attacks

Cybercriminals Continue to Exploit Human Nature Through Phishing and Spam Attacks

April 6, 2021 • Insikt Group®

Insikt Group

Editor’s Note: The following post is an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

Recorded Future analyzed current data from the Recorded Future® Platform, information security reporting, and other open source intelligence (OSINT) sources pertaining to phishing and spamming that facilitate threat actor campaigns. This report expands upon findings addressed in the report “Combating the Underground Economy’s Automation Revolution”, and will be of most interest to network defenders, security researchers, and executives charged with risk management and mitigation.

Executive Summary

In our March 2020 report “Combating the Underground Economy’s Automation Revolution”, we identified automated services and products that facilitate criminal activities. Phishing and spamming are attack vectors that often operate in tandem by bypassing network security settings, maintaining presence on targeted machines and networks, and extracting credentials for nefarious activities. This report dives further into phishing and spamming, identifying customized phishing and spamming kits and services within select dark web forums and analyzing widely used variants, and providing mitigation strategies to identify and deter phishing and spamming products attempting to intrude into your network.

Key Judgments

  • Developers of phishing and spamming tools are creating kits and offering services that are customizable, automated, and designed to be user friendly to cater to non-technical and amateur users.
  • Threat actors are using phishing and spamming services to bypass network security settings with the intent of deploying malware. 
  • Threat actors are discussing specific phishing and spamming variants on different forums, with “Multithread WebMailer GoMAIL Pro Edition” and “uPanel” being widely advertised and discussed.
  • Spamming and phishing as a service (PhaaS) are popular topics of discussion between threat actors on forums. Some commonly discussed tools include Evilginx and MoneySpamBot.

Editor’s Note: This post was an excerpt of a full report. To read the entire analysis, click here to download the report as a PDF.

New call-to-action

Related Posts

Iran-Linked Threat Actor The MABNA Institute’s Operations in 2020

Iran-Linked Threat Actor The MABNA Institute’s Operations in 2020

April 21, 2021 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report To read the entire analysis,...

Lockdown Saw Rise in Wine Domains and Wine Scammers

Lockdown Saw Rise in Wine Domains and Wine Scammers

April 7, 2021 • Insikt Group®

  This report was produced jointly with researchers from Area 1 Security Area 1...

The Business of Fraud: Fraud Tutorials and Courses

The Business of Fraud: Fraud Tutorials and Courses

April 1, 2021 • Insikt Group®

Editor’s Note: The following post is an excerpt of a full report To read the entire analysis,...