Cybercrime at scale: Dissecting a dark web phishing kit

Published

Moving on from their Nigerian Prince antics of the past, today’s cybercriminals use sophisticated phishing kits to launch effective attacks at scale. These kits include all the elements bad actors need to steal credentials, data and money — and are readily available on the dark web for anyone with an internet connection. Since the best way to beat a cybercriminal is to understand how they work, we found a phishing kit from the dark web to see what’s inside.

Join Cameron Bulanda, Security Engineer, and Kevin Angeley, Solution Engineer, for a walkthrough of what’s inside these “off-the-shelf” kits, including:

-Realistic data-entry pages that would make any web designer proud

-Automated routing of harvested credentials

-IP monitoring for blacklist evasion

Please remember Infosec does not condone these nefarious activities on the dark web. We shared this information in hopes that cybersecurity professionals are better equipped to handle the threats our organizations, employees, friends and families encounter every day.

Anonymous
about 2 months agoMay 22, 2020
Hi
Dee
28 days agoJune 13, 2020
I was surprised at just how sophisticated phishing kits have become, and how easily available they are. The websites appear genuine to the common user. Really important to check out the domain names that are close to your organization to review for nefarious activity. I will continue to look for additional resources to further educate myself with this topic in order to help others. Thank you for an informative video.
Your comment