Phishing is one of the most profitable techniques for cybercriminals. A new report published by Imperva reveals that so-called turnkey services make it an even more effective practice.

The firm’s researchers explored darknet markets to get a rough idea of the cost of a phishing campaign, as well as a realistic view of the business model of these hackers. What they discovered in a Russian market is a network promoting Phishing as a Service (PhaaS) across the darknet through easy purchasing and very low prices.

Not only that, but they offer “a complete solution for the rookie rogue”. This solution includes e-mail databases, phishing scam templates, and a special database for storing stolen access credentials.

Put another way: the network promoting this type of campaign sells rookies an automated service. After logging in with their credentials, they can choose from a wide variety of pages with predefined scams. These include social networks, banking, buying and selling, telecommunications, gaming and dating sites. Once the victims' credentials are obtained, they are stored in the above-mentioned database.

In addition, the researchers saw that it was easy to hijack compromised servers for use in these campaigns, which further reduces the initial investment costs.

PhaaS is very cheap and doubles the profits

The researchers conducted a cost analysis, determining that PhaaS costs a quarter as much as a conventional phishing campaign, which requires a lot of work and skill, and can double its profits.

What they determined is that lowering costs and reducing the technological barriers associated with phishing, along with this empowerment plan, can lead to an increase in such campaigns and a greater number of victims thanks to PhaaS.

According to Amichai Shulman, co-founder and CTO of Imperva, the combination of PhaaS with compromised web servers “has dropped significantly” the monetary cost and the technology needed to carry out a campaign successfully:

It is no longer feasible for businesses to use endpoint-based clients and software to fight against phishing attempts as the public continues to click on malicious links in emails.

One way to decelerate attacks would be to cut off easy access to compromised servers, which would increase investment in a phishing campaign and decrease profitability.

Thanks to their investigations, they also uncovered a good deal of data on the social engineering hackers use against their victims. Apparently mornings are the most likely time of day for a victim to fall into the trap.

In addition, victims are more likely to enter their username and password to open an attachment than to click a URL in an email and blindly log in to a service with their credentials.