Skip to main content
Cybersecurity

Phishing attacks aim to split open systems and melt defenses: report

Third-party actors are offering phishing as a service.
article cover

Francis Scialabba

less than 3 min read

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.

They’ll catch you if they can.

Phishing attacks continue to present major threats to organizations and users. Cybersecurity firm ReliaQuest’s new Annual Cyber-Threat Report, released on March 26, found that bad actors used the hack to access systems 71.1% of attacks in 2023.

Bouncing round the room. Phishing is being offered by third-party actors as a sort of software as a service (SaaS) so that attackers can use precreated software for business email compromise (BEC) phishing hacks. ReliaQuest noted the prevalence of this business model, also known as PhaaS.

“Phishing kits and services are widely available on criminal platforms, making it easier to execute BEC,” according to the report. “One notable phishing ‘shop’ is W3LL Store, a site where threat actors offer a wide variety of phishing kits.”

Down with disease. One of the more prolific PhaaS providers is “darcula,” a platform that uses text messages to deceive targets and access their systems. Described by a researcher at British cybercrime services company Netcraft on March 27, darcula is a Chinese-language platform that manipulates the Rich Communication Services (RCS) communication protocol to slip past iMessage and Android security protections.

“Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is being used to great effect to target USPS along with postal services and other established organizations in 100+ countries,” according to a Netcraft blog post explaining the threat.

Netcraft also advised that users and organizations should take care when dealing with contacts that seem suspicious.

“Be highly skeptical of any links sent to you from unrecognized senders,” the blog post said. “Look for inaccurate grammar, spelling errors, offers that are ‘too good to be true’ or require urgent action. If you’re expecting a message from an organization, navigate to their official website and avoid following links.”

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.