A large-scale phishing-as-a-service operation, dubbed BulletProofLink, has been discovered to be providing attackers with everything they need for social engineering attacks — from phishing kits and templates, to hosting services and other useful tools.
BulletProofLink has more than 100 phishing templates that copy known brands, such as Microsoft, and even creates unique subdomains to associate with campaigns. Over 300,000 subdomains were generated in a single run.
These services are available to would-be criminals for as much as $800 per month, but individual services can cost much less. For instance, a one-time hosting link may only cost $50, and first-time customers even receive a 10% discount.
Acronis' Advanced Email Security pack scans all emails coming into users' accounts and blocks messages that contain malicious content. Additionally, the URL filtering capabilities in Acronis Cyber Protect block access to the malicious URLs that phishing campaigns often rely on to host their payloads.
