SaaS platforms are facing more phishing attacks than ever

By Scott Marlette Last updated Aug 25, 2022

Cybercriminals are increasingly turning towards legitimate Software-as-a-Service (SaaS (opens in new tab)) solutions to launch, distribute, and advertise their campaigns, security researchers have reported.

Unit 42, the cybersecurity arm of Palo Alto Networks, has published a report which found the abuse of such services soared by 1,100% in a span of a year between June 2021 and 2022.

All kinds of services are being abused: file sharing sites, hosting tools, form and survey builders, website design sites, and collaboration tools, to name a few. Website builders, collaboration platforms, and form builders were also said to have experienced the highest uptick in abuse in the last year.

Saving time and money

Unit 42 says the rising popularity of these tools among crooks can be attributed, first and foremost, to the fact that they are legitimate, and as such, often pass through various fraud and scam filters, including email security solutions.

But it can also be attributed to the fact that they’re super easy and convenient to use, and allow for the quick upscaling and downscaling of campaigns.

What’s more, should law enforcement agencies take down a phishing page, for example, the crooks can simply change the link and have it point elsewhere, while avoiding the gruntwork of having to design the page from scratch. That being said, the tools are built with newbies in mind, which eliminates the need to know how to code, or be well-versed in website, or form, design.

Palo Alto Networks isn’t the only company warning about the abuse of legitimate SaaS solutions, either. As reported by BleepingComputer, Cyren has been warning about the “rampant abuse” of typeform.com since mid-2021, while Trend Micro warned of 123formbuilder.com, formtools.com, as well as smartsurvey.co.uk. Cofense was warning about the abuse of canva.com, as well.

Stopping the abuse of these services, the publication says, will be relatively challenging, as implementing “aggressive email filters” can do more harm than good.

Via: BleepingComputer (opens in new tab)

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.