• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

everthing

  • Home
  • About
  • Animals
  • Lastes-posts
  • Medicine
  • NBA All-Star Game
  • Pharmacy
  • Software
  • Contact

Scammers can buy bank phishing software for $50 a month

August 2, 2022 by admin

Security researchers recently discovered a platform that sells access to and support for phishing software targeting US banks, including Chase, Bank of America and Wells Fargo.

The researchers categorized the program as a phishing-as-a-service because it involves the sale of code, images, and configuration files that people can purchase and use to create fake login pages that can be used to steal victims’ credentials.

Analysts at cybersecurity firm IronNet the discovery announced of criminal service Robin Banks and last week published a list of mitigation strategies companies can use to track down their employees and customers and prevent them from becoming victims.

IronNet said in its blog post about the Robin Banks platform that the researchers had discovered the “large-scale” campaign, which targets victims via text and email. According to IronNet, the threat actors appeared to be profit-driven and target basic users rather than high-value or otherwise special users.

“The primary motivation for scammers using this kit appears to be financial; however, the kit also asks victims for their Google and Microsoft credentials after traveling to the phishing landing page, indicating that it can also be used by more sophisticated threat actors seeking to gain initial access to corporate networks for ransomware or other post-intrusion activities,” the IronNet blog post says.

Robin Banks has been active since at least August 2020 and the latest platform was commissioned in March or April 2022, according to IronNet.

People interested in purchasing access to Robin Banks can visit a now disabled public website (as opposed to a dark website) to browse the phishing kit’s prices and features. Although that website is now offline, new pages have been created with Robin Banks keep appearing online.

For threat actors who have purchased a subscription, the user dashboard provides information on the number of clicks they have gotten, features for creating new phishing pages, and options to add funds to their wallets using bitcoin.

The group behind Robin Banks sells access to a single phishing page for $50 a month or access to all the pages the platform offers for $200. Both prices include 24/7 support and future updates to the platform. Users who have purchased a phishing kit can also modify their pages to block bot activity. IronNet said the group behind Robin Banks had accumulated more than $500,000.

IronNet analysts said the credentials stolen with the Robin Banks kit will be accessible to both the threat actors purchasing access to the platform and Robin Banks administrators.

IronNet, in its blog post, described a specific case of a threat actor who used the Robin Banks platform to steal Citibank and Microsoft credentials in a campaign that analysts say “proved very successful” as numerous victims’ account information was sold over the dark. web and on various channels in Telegram, a messaging platform popular with criminal groups.

The researchers said the threat actor was trying to expand their Robin Banks-backed campaign to target customers from other platforms. As part of the expansion, the threat actor also attempted to use services from Amazon Web Services, Microsoft, DigitalOcean, Oracle, Google, and Cloudflare.

According to Roger Grimes, a data-driven defense evangelist at the security awareness training platform KnowBe4, companies tend to underestimate the potential of social engineering attacks such as phishing.

“Every organization should focus more on defeating social engineering and phishing and less on other types of attacks that are much less likely,” Grimes said. “It’s because almost every company doesn’t focus enough on social engineering as by far the most important attack vector that allows hackers and their malware creations to be so successful.”

IronNet’s recommendations for avoiding phishing attacks, including by Robin Banks and its affiliates, include teaching employees and customers never to click links sent via text or email, and encouraging from customers and staff to use password managers to ensure the use of unique credentials for all accounts. multi-factor authentication for all accounts where available, and requires phishing training for employees and other partners.

In addition, IronNet has delivered a URL search tool that allows banks and other institutions to find pages that impersonate their websites using the Robin Banks kit. Recently discovered URLs mimicked the domains of Bank of America, Capital One, Truist, Navy Federal Credit Union, and other financial institutions.

.

Related

Filed Under: Software Tagged With: AB - Technology, fraud, phishing, Technology

Primary Sidebar

Recent Posts

  • Aziyo Biologics co-founder and pioneer of regenerative medicine, Dr. Randy Mills, appointed Chief Executive Officer
  • The best airlines that allow you to fly with your pets on board
  • Concussion-detecting helmets 3D printing software among innovations presented Eagle Startup Showcase | Embry-Riddle Aviation University
  • Doctivity™ Appoints National Healthcare Leaders to Board of Directors and Advisory Board
  • France to rescue whale stranded in Seine and send it to saltwater | Wildlife News

Recent Comments

  1. A WordPress Commenter on Hello world!

Archives

  • August 2022
  • July 2022
  • June 2022

Categories

  • Animals
  • Lastes-posts
  • Medicine
  • NBA All-Star Game
  • Pharmacy
  • Software

Footer

Design

With an emphasis on typography, white space, and mobile-optimized design, your website will look absolutely breathtaking.

Learn more about design.

Pages

  • About
  • Affiliate Disclosure
  • Contact
  • Homepage
  • Landing Page
  • Privacy Policy
  • Sample Page
  • Terms And Conditions

Content

Our team will teach you the art of writing audience-focused content that will help you achieve the success you truly deserve.

Learn more about content.

Strategy

We help creative entrepreneurs build their digital business by focusing on three key elements of a successful online platform.

Learn more about strategy.

Copyright © 2022 · Genesis Sample on Genesis Framework · WordPress · Log in

Go to mobile version