Skip to main content

This phishing kit is wreaking havoc on thousands of victims

Hook on Keyboard
(Image credit: wk1003mike / Shutterstock )

Cybersecurity researchers have discovered a phishing kit that’s being used by different threat actors to scam people around the world.

Researchers at vpnMentor chanced upon two different campaigns that used slightly altered versions of the phishing kit, to target people mostly living in Israel and France.

“According to our research, the first scammer successfully collected 380 Israeli credit cards. That’s a conversion rate of over 8.5% – quite an accomplishment by phishing standards,” notes vpnMentor.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

The researchers have already notified the credit card companies, though they admit they can’t yet put a number on the effectiveness of the second scam.

Emerging trend

In the first scam, the attackers masqueraded as the UPS courier services and scammed over 4400 people. While a majority were Israeli citizens, there were individuals from the US, Brazil, Saudi Arabia, and from all over Europe. 

The second scam targeted customers of the Crédit Agricole Bank in France, and is thought to have tricked about 1700 people.

Irrespective of the impact of the scams, vpnMentor argues that the implications of the attack are far more worrying.

Instead of being devised by the attackers, the researchers believe the phishing kit was probably acquired by newbie internet scammers hoping to dabble in online fraud to make a quick buck.

“This is becoming an increasingly popular form of cybercrime – ‘hobby hackers’ with minimal technical experience buying easy-to-use tools like phishing kits to try out cybercrime, often just for fun,” share the researchers.

In fact, vpnMentor was able to discover the phishing kit only because the “hobby hackers” were inexperienced enough to leave their database of the scammed information completely unsecured and unencrypted.

While the cost of such activities may not be as high as more sophisticated, high-profile campaigns like Solarwinds, their damage can quickly add up, because of the large attack surface area.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.