blockisthenewchain.com
  • Home
  • Cybersecurity
    • All
    • Corporate Security
    • Data Security
    • System security
    • Web Security
    edge computing

    How important is Edge Computing Security?

    Enhance Smart Cybersecurity

    Three Cognitive Technologies to Enhance Smart Cybersecurity

    phishing_result

    An 11-fold increase in phishing attacks exploiting SaaS platforms

    phishing attacks exploiting saas

    A Simple Guide to Manually Renewing an SSL Certificate

    Protecting Your WordPress Site

    6 Tips for Protecting Your WordPress Site

    Secure SSH Server

    8 Ways to Secure SSH Server Connections on Linux

    Trending Tags

    • Vulnerability
    • IoT-Security
    • Metaverse
    • Application Security
    • Cloud-Security
  • Hacking stories
    • All
    • Apps Hacking stories
    • Exchange Hacking stories
    protect your smart home

    How to protect your Smart Home from hackers

    Hacking Anonymous

    6 ways the hacker group Anonymous is waging cyber-war against Russia

    Investment scammers

    Investment scammers target dating app users

    Axie-Infinity-AXS-Metaverse

    Hacking Story: How a fake job offer took down the world’s most popular crypto game?

    Trending Tags

    • Artificial-Intelligence
    • website security
    • Deep-Learning
    • Hacker-Attack-and-Defense
  • News
    • All
    • Business
    • Crypto News
    • Cybersecurity News
    • World News
    Vitalik-meta

    Meta’s metaverse is doomed, says Vitalik Buterin

    Tiner metaverse

    Tinder puts its metaverse and digital currency project on hold

    bernard arnault

    Bernard Arnault’s investment fund will invest 100 million euros in Web3

    invest in cybersecurity startup

    How can VCs invest in cybersecurity startups in challenging times?

    Venture-Capital-decline

    Cybersecurity Venture Capital Investments: Severe Decline in Q2 2022

    SaaS Security Certification

    A Comprehensive Guide to SaaS Security Certification

    Trending Tags

    • WEB3
    • DEFI
    • Crypto
    • Blockchain
    • Data Security
  • Blockchain
    • All
    • Cryptocurrency
    • Metaverse
    • NFT
    • Trends and DEFI
    • Web3
    blockchain API

    Excellent blockchain API for developers

    The next generation of blockchains

    The next generation of blockchains – cross-chain interoperability

    massa-autonomous-smart-contracts

    Can autonomous smart contracts be the future of blockchain technology?

    blockchain-Blockisthenewchain

    Blockchain Basics – What is Blockchain Technology

    metaverse-cloud

    How will the metaverse affect cloud security?

    What is MetaMask

    What is MetaMask? And is it safe to use?

  • Startups
  • Login
No Result
View All Result
  • Home
  • Cybersecurity
    • All
    • Corporate Security
    • Data Security
    • System security
    • Web Security
    edge computing

    How important is Edge Computing Security?

    Enhance Smart Cybersecurity

    Three Cognitive Technologies to Enhance Smart Cybersecurity

    phishing_result

    An 11-fold increase in phishing attacks exploiting SaaS platforms

    phishing attacks exploiting saas

    A Simple Guide to Manually Renewing an SSL Certificate

    Protecting Your WordPress Site

    6 Tips for Protecting Your WordPress Site

    Secure SSH Server

    8 Ways to Secure SSH Server Connections on Linux

    Trending Tags

    • Vulnerability
    • IoT-Security
    • Metaverse
    • Application Security
    • Cloud-Security
  • Hacking stories
    • All
    • Apps Hacking stories
    • Exchange Hacking stories
    protect your smart home

    How to protect your Smart Home from hackers

    Hacking Anonymous

    6 ways the hacker group Anonymous is waging cyber-war against Russia

    Investment scammers

    Investment scammers target dating app users

    Axie-Infinity-AXS-Metaverse

    Hacking Story: How a fake job offer took down the world’s most popular crypto game?

    Trending Tags

    • Artificial-Intelligence
    • website security
    • Deep-Learning
    • Hacker-Attack-and-Defense
  • News
    • All
    • Business
    • Crypto News
    • Cybersecurity News
    • World News
    Vitalik-meta

    Meta’s metaverse is doomed, says Vitalik Buterin

    Tiner metaverse

    Tinder puts its metaverse and digital currency project on hold

    bernard arnault

    Bernard Arnault’s investment fund will invest 100 million euros in Web3

    invest in cybersecurity startup

    How can VCs invest in cybersecurity startups in challenging times?

    Venture-Capital-decline

    Cybersecurity Venture Capital Investments: Severe Decline in Q2 2022

    SaaS Security Certification

    A Comprehensive Guide to SaaS Security Certification

    Trending Tags

    • WEB3
    • DEFI
    • Crypto
    • Blockchain
    • Data Security
  • Blockchain
    • All
    • Cryptocurrency
    • Metaverse
    • NFT
    • Trends and DEFI
    • Web3
    blockchain API

    Excellent blockchain API for developers

    The next generation of blockchains

    The next generation of blockchains – cross-chain interoperability

    massa-autonomous-smart-contracts

    Can autonomous smart contracts be the future of blockchain technology?

    blockchain-Blockisthenewchain

    Blockchain Basics – What is Blockchain Technology

    metaverse-cloud

    How will the metaverse affect cloud security?

    What is MetaMask

    What is MetaMask? And is it safe to use?

  • Startups
No Result
View All Result
blockisthenewchain.com
No Result
View All Result
Home Cybersecurity Corporate Security

An 11-fold increase in phishing attacks exploiting SaaS platforms

Researchers have found that attackers are abusing legitimate SaaS platforms in order to create phishing sites. The report by Palo Alto Networks Unit 42 showed that from June 2021 to June 2022, there was a massive increase of 1,100% in such abuses.

BlockIsTheNewChain by BlockIsTheNewChain
September 4, 2022
in Corporate Security, Cybersecurity, System security
434 5
0
phishing_result
29
SHARES
1.5k
VIEWS
Share on TwitterShare on LinkedinShare on FacebookShare on Telegram

There is an 11-fold increase in phishing attacks exploiting SaaS Platforms. Attackers are abusing legitimate SaaS platforms in order to create phishing sites. Attackers are abusing legitimate software-as-a-service (SaaS) platforms to create phishing sites, researchers have found, according to a report from Palo Alto Networks Unit 42, which shows that from June 2021 to June 2022, There has been a massive 1,100% increase in such abuses.

SaaS offers several advantages for phishing, including evading detection by email security systems, enjoying high availability, and not having to learn to code to create legitimate-looking websites. Furthermore, since the SaaS platform simplifies the process of creating new sites, attackers can easily switch to different themes, and expand or diversify their operations.

Unit 42 divided the abused platforms into six categories: file sharing, survey formulators, website generators, note-taking, and document-writing platforms, and personal profiles. Palo Alto Networks recorded abuse growth across all categories.

phishing attacks
SaaS Platform Abuse Growth by Category

The Unit 42 report explains that in most cases, attackers host their credential-stealing pages directly on the abused service, and in some specific cases, the login page hosted on the abused service does not contain the credential-stealing form itself, Instead, the attacker takes the victim to another site through a redirection step.

Phishing sites can be hosted on a bulletproof hosting provider (BPH) that does not respond to takedown requests, so phishing actors follow this practice to increase campaign uptime while sacrificing conversion rates. If the final credential-stealing page is removed, the attacker can simply change the link and point to the new credential-stealing page, keeping the phishing behavior going.

Research suggests that preventing abuse of legitimate SaaS platforms is very difficult, which is why SaaS is so suitable for phishing campaigns. For users, it’s also important to keep in mind that the website URL is legitimate when asked to enter account credentials.

Related Posts

edge computing
Corporate Security

How important is Edge Computing Security?

by BlockIsTheNewChain
October 12, 2022

Edge computing is revolutionizing the way business operates. This has sparked a massive uptake of edge computing products and services. Research predicts...

Read more
Enhance Smart Cybersecurity

Three Cognitive Technologies to Enhance Smart Cybersecurity

October 7, 2022
phishing attacks exploiting saas

A Simple Guide to Manually Renewing an SSL Certificate

September 4, 2022
Protecting Your WordPress Site

6 Tips for Protecting Your WordPress Site

September 4, 2022
Secure SSH Server

8 Ways to Secure SSH Server Connections on Linux

September 4, 2022

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

  • Vulnerability Scanning

    The most popular Web vulnerability scanning tools

    36 shares
    Share 14 Tweet 9
  • Excellent blockchain API for developers

    29 shares
    Share 12 Tweet 7
  • 6 ways the hacker group Anonymous is waging cyber-war against Russia

    31 shares
    Share 12 Tweet 8
  • Blockchain Basics – What is Blockchain Technology

    28 shares
    Share 11 Tweet 7
  • Can autonomous smart contracts be the future of blockchain technology?

    28 shares
    Share 11 Tweet 7

  • About
  • terms-and-conditions
  • Privacy & Policy
  • Contact

© 2022 Blockisthenewchain - The latest Blockchain, Cybersecurity News, and Startup Reviews by BLOCKisthenewCHAIN.

No Result
View All Result
  • Home
  • Cybersecurity
  • Hacking stories
  • News
  • Blockchain
  • Startups

© 2022 Blockisthenewchain - The latest Blockchain, Cybersecurity News, and Startup Reviews by BLOCKisthenewCHAIN.

Welcome Back!

Sign In with Facebook
Sign In with Google
OR

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.