Cisco Talos researchers have discovered a phishing-as-a-service (PaaS) tool called “Greatness” that has been used by hackers in several campaigns to steal sensitive information from unsuspecting victims. Greatness allows attackers to easily create custom phishing pages and collect login credentials, payment information, and other sensitive data. It is currently being sold on underground forums for as little as $50.
Why it matters: Phishing attacks remain one of the most significant cybersecurity threats to individuals and organizations. The emergence of PaaS tools like Greatness makes it easier for rookie hackers to launch effective phishing campaigns, putting even more individuals and organizations at risk.
- The service has “almost exclusively” been used to target companies, rather than government organizations, by mimicking their Microsoft 365 login pages.
- The tool provides affiliates with a range of resources to carry out attacks, including attachment and link builders, decoy pages and login pages with already pre-filled email addresses.
- The decoy pages created by the tool often use the a company logo and background extracted from their real Microsoft 365 login page.
- Multifactor Authentication (MFA) Bypass and IP filtering are also features on the PaaS tool.
