- Phishing kits sold for $ 25 give low -skilled criminals powerful tools to steal data
- Drag-drop websites and false emails facilitate the launch of professional scams
- Phishing platforms as a service help criminals to carry out major attack campaigns
The world of cybercrime is constantly evolving and phishing attacks become easier to make.
New research from NordVPN shows that phishing kits – pre -fabricated software beams – are now largely sold for less than $ 25, which gives even low -skilled criminals the possibility of stealing sensitive data and launching malicious software attacks.
NordVPN’s research has revealed that phishing kits are, like so many criminal equipment, often sold on the Dark web and applications like Telegram, with packages generally including everything an attacker needs: false ready-to-use websites, pre-written emails and stolen contact lists.
Brands such as Google, Meta / Facebook and Microsoft are among the most common, with nearly 85,000 false Google URL Discovered in 2024 only.
Adrianus Warmenhoven, cybersecurity expert in NordVPN, explained that these kits make cybercrime more accessible.
“Phishing kits are a strength multiplier for cybercrime. They put powerful attack tools in the hands of people who may not have the skills necessary to build them for themselves, “he said.
“With features such as web manufacturers to drag and drop, messaging models and even contact lists, these kits even allow the less technical attackers to make professional scams.”
At the same time, phishing platforms as a service (phaas) increase. These subscription-based services allow criminals to launch campaigns without having to manage one of the technical work themselves.
“The phishing kits and the Phaas platforms reduce the barrier to the entrance, we therefore see an increase in the number and the variety of attacks,” adds Warmenhoven. “This means that consumers must be more alert than ever.”
How to stay safe
Protecting you begins, as always, to be skeptical about unexpected emails, in particular those who try to create a feeling of emergency or to promise great awards.
Always want links to check the small spelling errors or unusual areas before clicking.
Activate multi-factory authentication as much as possible to add a second protection layer to your accounts. This can prevent attackers even if your password is compromised.
Avoid using free file sharing sites or video accommodation in which you don’t trust. These often hide malware or invasive trackers.
Keep all your software and devices up to date to patcher known security defects. Use anti-malware tools to scan downloads and plan to install browser tracking blockers to protect your confidentiality.
If you accidentally click on a suspicious link or download something that is not sure to you, immediately run a complete malware analysis. If you think your information may have been exposed, immediately change your passwords from a safe device.
Staying cautious with the place you are browsing, which you download and with whom you communicate online can reduce the risks of phishing attacks and help ensure the safety of your information.
