The Microsoft security team announced that they have discovered a massive e-fishing business using a Phishing-as-a-Service (PHaaS) model.
In hacker circles the service is known as BulletProofLink, BulletProftLink or Anthrax and is currently being advertised in underground forums.
The service is an evolution of "phishing kits", which are collections of pages and e-fishing templates that mimic the connection forms of well-known companies.
But BulletProofLink takes phishing to a whole new level, providing additional built-in hosting and email services.
Customers who sign up for the BulletProofLink portal pay a fee of $ 800 and BulletProofLink administrators do everything else for them.
These services include setting up a phishing website, setting up a phishing template, setting up domain (URLs) for phishing sites, sending real phishing emails to desired victims, and collecting credentials from attacks and then delivering the stolen data to the "customers" at the end of each week.
If customers want to diversify their e-fishing standards, the BulletProofLink gang also has a separate store offering new standards, with prices ranging from $ 80 to $ 100 per standard.
About 120 different e-fishing standards are currently hosted. In addition, the site hosts tutorials to help customers use the service.
Microsoft describes the service as technically advanced, and the team behind it often uses compromised websites to host phishing pages.
The BulletProofLink gang has sometimes been observed to infringe on the DNS records of infringed sites in order to create subdomains on trusted sites for hosting phishing pages.
"In the e-Fishing Attack investigation, we came across a campaign that uses a fairly large volume of newly created and unique subdomains - over 300.000 for a single run." he says Microsoft, highlighting the huge scale of BulletProofLink PHaaS.