Cybercriminals are increasingly turning towards legitimate Software-as-a-Service (SaaS) solutions to launch, distribute, and advertise their campaigns, security researchers have reported.
Unit 42, the cybersecurity arm of Palo Alto Networks, has published a report which found the abuse of such services soared by 1,100% in a span of a year between June 2021 and 2022.
All kinds of services are being abused: file sharing sites, hosting tools, form and survey builders, website design sites, and collaboration tools, to name a few. Website builders, collaboration platforms, and form builders were also said to have experienced the highest uptick in abuse in the last year.
Saving time and money
Unit 42 says the rising popularity of these tools among crooks can be attributed, first and foremost, to the fact that they are legitimate, and as such, often pass through various fraud and scam filters, including email security solutions.
But it can also be attributed to the fact that they’re super easy and convenient to use, and allow for the quick upscaling and downscaling of campaigns.
What’s more, should law enforcement agencies take down a phishing page, for example, the crooks can simply change the link and have it point elsewhere, while avoiding the gruntwork of having to design the page from scratch. That being said, the tools are built with newbies in mind, which eliminates the need to know how to code, or be well-versed in website, or form, design.
Palo Alto Networks isn’t the only company warning about the abuse of legitimate SaaS solutions, either. As reported by BleepingComputer, Cyren has been warning about the “rampant abuse” of typeform.com since mid-2021, while Trend Micro warned of 123formbuilder.com, formtools.com, as well as smartsurvey.co.uk. Cofense was warning about the abuse of canva.com, as well.
Stopping the abuse of these services, the publication says, will be relatively challenging, as implementing “aggressive email filters” can do more harm than good.
- These are the best endpoint protection services right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.