Trend in Phishing Sites/Kits

Has everyone seen an overall trend of threat actors using legitimate services like Cloudflare and use some of their bot detection tools to get around sandboxes? How are you combatting this?

Also another question is it seems like threat actors are generally getting smarter and locking down phishing sites to where you can’t get the .zip. Does anyone think that this is because of threat actors being more knowledgeable or is it where they are getting said phishing kit it has some type of intro on how to implement a good phishing site?

3 Likes

Hi @cmerchant

Thank you for posting the questions. Based on the global phishing data we collect:

  1. Yes, attackers are increasingly using Cloudflare. Based on the monthly average phish collected in 2024 (so far), we observed a 24% increase on Cloudflare when compared to 2023.

  2. Yes, our phishing kit finder is having to traverse multiple levels to find phishing kits. Sometimes we never reach it. From our data, it depends on the vertical and the threat actor group.

2 Likes