Research from Sekoia reveals a phishing-as-a-service kit sold by "Sneaky Log", identified on Telegram, which launched in October 2024 targeting Microsoft 365 accounts. Experts highlight deceptive features like autofilling email addresses, blurred legitimate site imagery for false login backgrounds, and anti-bot measures that misdirect automated detection. This underscores a worrying trend of collaboration among cybercriminals, as these kits are not only developed but also traded among groups. To combat these threats, experts recommend exercising caution with emails, verifying sites, and enhancing threat detection methods by security teams.
The phishing technique is particularly deceptive because the links in the phishing emails auto-fill the email field on the login page, mimicking legitimate websites.
Phishing kits sold in the cyber underworld represent a collaborative effort, as different actors develop and trade malicious tools to enhance their impact.
Security teams need to adopt advanced threat detection solutions, monitor sign-in logs, and deploy tools to fingerprint attackers and detect anomalies.
Exercise extreme caution with emails and always verify the legitimacy of websites before entering personal credentials to mitigate phishing risks.
Collection
[
|
...
]