BulletProofLink, a large-scale phishing-as-a-service (PhaaS) operation, offers over 100 phishing templates that imitate known brands and services, Microsoft revealed in its blog. Microsoft was one of the brands whose logo and branding were impersonated during the phishing campaign initiated using BulletProofLink. The operation sells phishing kits, email templates, hosting, and automated services at an affordable cost and is responsible for facilitating many phishing campaigns these days, the blog added. The PhaaS was found to be the weapon of choice by multiple attacker groups who can buy it in either one-off purchase or pay a subscription fee every month to avail its services, the company added. Cyber attacks are growing with each passing day, especially during the pandemic as COVID-19 lockdowns force a rapid adoption of digital tech. Phishing is a cyber attack that uses disguised email as a weapon and is notoriously difficult to sniff out, given its sophistication. Phishing attacks have increased by 600% during the pandemic. The consequences can be damaging in most cases as it results in violation of privacy and inflicts steep financial stress on people as well as businesses. How does BulletProofLink operate? The BulletProofLink PhaaS group became active in 2018 and operates under multiple aliases like BulletProftLink, BulletProofLink, and Anthrax. It also has instructional advertisements on YouTube and Vimeo, Microsoft revealed in its post. BulletProofLink registration and sign-in pages: The service hosts an online store where they allow their customers to register, sign in, and advertise their hosted service for monthly subscriptions. The group…
