- Phishing kits that are sold for $ 25 grant the criminals of low qualification powerful tools to steal data
- Websites of websites and false emails to drag and release facilitate the launch of professional scams
- Phishing platforms as a service help criminals to carry out large attack campaigns
The world of cyber crime is constantly evolving, and phishing attacks are becoming easier to carry out.
A new investigation by NORDVPN shows that Phishing kits, prefabricated software packages, are now sold widely for less than $ 25, which gives low -qualification criminals the ability to steal confidential data and launch malware attacks.
NordvPN’s investigation discovered that Phishing Kits are found, such as so many criminal teams, often sold on the dark website and applications such as Telegram, with packages that generally include everything an attacker needs: false websites ready to use, previously written emails and stolen contact lists.
Brands such as Google, Meta/Facebook and Microsoft are some of the most commonly personified, with almost 85,000 fake Google URL discovered only in 2024.
Adrianus Warmenhoven, an expert in cybersecurity in Nordvpn, explained that these kits are making cyber crime more accessible.
“Phishing kits are a force multiplier for cyber crime. They put powerful attack tools in the hands of people who may not have the skills to build them on their own,” he says.
“With features such as websites of websites to drag and release, email templates and even contact lists, these kits allow even less technical attackers to perform professional -looking scams.”
At the same time, Phishing platforms as a service (Phaa) are increasing. These subscription -based services allow criminals to launch campaigns without having to administer any of the technical works themselves.
“Phishing kits and Phaas platforms reduce the input barrier, so we are seeing an increase in the number and variety of attacks,” adds Warminhoven. “That means that consumers must be more alert than ever.”
How to stay safe
Protecting yourself begins, as always, being skeptical about unexpected emails, especially those who try to create an emergency feeling or promise great rewards.
Always walk the links to verify small spelling errors or unusual domains before clicking.
Enable multifactor authentication whenever possible to add a second layer of protection to your accounts. This can stop the attackers even if their password is committed.
Avoid using free files or video accommodation sites that you don’t trust. These often hide malware or invasive trackers.
Keep all your software and devices updated to patch known security failures. Use anti-malware tools for scanning downloads and consider installing browser tracking blockers to protect your privacy.
If you accidentally click on a suspicious link or download something that is not sure, run a complete malware scan immediately. If you think your information may have been exposed, change your passwords immediately from a safe device.
Keeping carefully with the place where it sails, what you download and who communicates online can reduce the risks of phishing attacks and help keep your information safe.
