Legal Operations » Massive Increase in SaaS Phishing Attacks

Massive Increase in SaaS Phishing Attacks

Artwork Illustration depicts electronic scam, con artist, cyber crime, hack, hacker, and phishing site.

Threat actors have been abusing legitimate software-as-a-service (SaaS) platforms
such as website builders and personal branding spaces to create malicious phishing
websites that steal login credentials. Palo Alto Networks Unit 42 reports that
researchers have seen a sharp rise in abuse, with the data collected showing a
massive increase of 1,100% from June 2021 to June 2022. Using SaaS for phishing
allows phishing actors to evade alerts from email security systems and bypass the need
to code legitimate-appearing websites. In addition, phishing actors can easily switch to
different themes, scale up or diversify their operations, and quickly respond to reports
and takedowns because SaaS platforms simplify and streamline the process of creating
new sites.
Abused platforms have been divided into six categories by Unit 42: file sharing and
hosting sites, form and survey builders, website builders, note-taking and
documentation writing platforms, and personal portfolio spaces. Although there has
been growth in abuse across all categories, the most significant has been in website
builders, collaboration platforms, and form builders. Stopping the abuse of legitimate
SaaS platforms will be very difficult, however, which makes them so suitable for
phishing campaigns and why the rise in their abuse since last year has been so
startling.

Read full article at:

Get our free daily newsletter

Subscribe for the latest news and business legal developments.

Read this next

Top 100 Litigator Sues Blue Cross Over His Cancer Treatment

In 2018, Robert Salim, 67, realized he was seriously ill. After numerous […]

Eight States Now Require Pay Transparency in Job Postings

Financial Industry Suing to Foil New Regulations

New rules aimed at lenders, investment funds, and other financial entities would […]

Regulatory Burden Factors Into AI Decision

GC Must Warn Boards Of AI Risks

There are companies investing hundreds of millions of dollars or more into […]

Scroll to Top