Software-as-a-Service solutions are being used to launch, distribute, and advertise their campaigns.
Unit 42, the cybersecurity arm of Palo Alto Networks, published a report which found the abuse of such services soared by 1,100 per cent between June 2021 and 2022.
File sharing sites, hosting tools, form and survey builders, website design sites, and collaboration tools have all been targeted. Website builders, collaboration platforms, and form builders were said to have experienced the highest uptick in abuse in the last year.
Unit 42 says the rising popularity of these tools among villains is that they are legitimate, and as such, often pass through various fraud and scam filters, including email security solutions.
They are also easy and convenient to use, and allow for the quick upscaling and downscaling of campaigns.
If coppers take down a phishing page, the crooks can simply change the link and have it point elsewhere, while avoiding the gruntwork of having to design the page from scratch.