Across the Internet, cybercriminals are effortlessly launching phishing attacks. Thus, it is not surprising that in 2021, cybersecurity vendor Kaspersky blocked over 1.2 million individual phishing pages that were based on 469 kits (ready-made fake page templates).
Although a phishing site can be blocked quickly, scammers are just as quick at generating such fake pages in huge volumes. Even an inexperienced phisher can generate hundreds of phishing pages in a short time. This is why it is important to understand how fraudsters run their phishing operations.

An example of a phishing page that resembles Facebook
Creating a fake page for a popular brand remains among the most common phishing techniques. Those pages are designed to prompt unsuspecting victims to provide personal data. Phishing kits make this easier for scammers.
Aside from the fake page templates, phishing kits may also contain scripts for sending messages that carry the phishing links over popular messaging services or email. Spamming software automates the mass-mailing process, allowing scammers to send out thousands of phishing emails at a time to prospective victims.

Junk HTML tags do not appear on screen but complicate detection
Moreover, phishing kit developers never stop at basic schemes; they constantly come up with new and advanced add-ons. By adding obscure or garbage code to phishing pages, developers make detection and blocking harder.
This junk code often consists of large amounts of incoherent text, and buyers of phishing kits don’t look closely at it. Some developers take advantage of this and add extra code not just to the page but also to the code used for transmitting information. This lets the kit developers steal the data that their buyers collect and use it for their own ill purposes.
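A defender can blunt junk-tag padding by matching on what the browser actually renders rather than on the raw markup. The following is an added example, not code from the article or from Kaspersky: it assumes the junk is hidden with inline styles, the `hidden` attribute, or non-rendered elements, and the sample page and all names are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Assumption: junk is hidden via inline style, the `hidden` attribute, or a non-rendered element.
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|font-size\s*:\s*0(?![.\d])", re.I)
NEVER_RENDERED = {"script", "style", "template", "noscript"}
VOID = {"br", "img", "input", "hr", "meta", "link", "wbr"}

class VisibleText(HTMLParser):
    """Collects rendered text and counts characters buried in hidden elements."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []          # (tag, hidden?) for every open element
        self.visible = []
        self.hidden_chars = 0

    def handle_starttag(self, tag, attrs):
        if tag in VOID:          # void elements never get an end tag
            return
        a = dict(attrs)
        hidden = (tag in NEVER_RENDERED or "hidden" in a
                  or bool(HIDDEN_STYLE.search(a.get("style") or "")))
        self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag; tolerates sloppy markup.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        if any(hidden for _, hidden in self.stack):
            self.hidden_chars += len(data.strip())
        else:
            self.visible.append(data)

def analyze(html):
    """Return (normalized visible text, share of text that is hidden junk)."""
    p = VisibleText()
    p.feed(html)
    p.close()
    text = " ".join("".join(p.visible).split())
    total = len(text) + p.hidden_chars
    return text, (p.hidden_chars / total if total else 0.0)

# Constructed sample: junk tags split the brand name so a raw-source match fails.
SAMPLE = ('<div>Log <span style="display:none">qzx vbn</span>in to '
          'Face<b hidden>kjh</b>book</div><p style="font-size:0">lorem wqe rty</p>')
```

Brand keywords and content hashes can then be matched against the normalized text, and a high hidden-text share is itself a signal worth scoring.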

An example of a phishing kit for sale on a Telegram channel
Phishing kits are also sold on the darknet or in closed Telegram channels. Prices range from $50 to $900, depending on the complexity of the template. Simple kits can even be found for free in the public domain.
Numerous developers offer entire packages on the darknet, such as so-called Phishing-as-a-Service, which includes phishing kits. The packages cover everything from creating fake sites to launching an entire data theft campaign, including target research, phishing emails, and encryption and sending of stolen data.
It is possible to block the fake pages by getting the phishing kit’s source code. “Every year, we block millions of phishing pages,” said Kaspersky security researcher Olga Svistunova. “Despite the lifespan of these pages being just a couple of hours, many of them manage to achieve their goal and steal user data.”
“Gone are the days when only the most skilled hackers could develop a phishing site and scam users into divulging their personal information. Now, any amateur can create his own phishing page, so you have to be especially careful following any links from an email or messaging service,” Svistunova added.
Kaspersky shares these recommendations to protect yourself from any phishing attack:
- Check the link before clicking. Fake sites usually have misspellings and other irregularities.
- Provide personal info only over a secure connection or through URLs with the ‘https’ prefix.
- Do not click or follow links from suspicious emails.
- Don’t log in to online banking or similar services when connected to public Wi-Fi networks.
- Install a trusted security solution on your PC or device.
- Keep updated by getting info about phishing kits from services providing data on cyberthreats like the Kaspersky Threat Intelligence Portal. To check if a page is legit, enter the link into the Threat Intelligence Portal search box and get the statistics, including info about phishing kits.
- Install Safe Browser Extension to automatically block phishing websites with malicious downloads and malware.