A new phishing as a service (PaaS) platform is being used to create convincing Microsoft 365 login prompts and takes advantage of multi-factor authentication (MFA) at a low cost. The new platform named Greatness can create convincing Microsoft 365 cloud login screens that include the company logo, background image, and will even pre-fill the victim’s email address into the username field to look more realistic. The PaaS platform is mainly used to target manufacturing, healthcare, and technology companies but has also been reportedly used on education, construction, and financial businesses. The hacking service has primarily targeted business users in the US, UK, Australia, South Africa, and Canada since mid-2022.
The platform Greatness also goes a step further and can capture and use multi-factor authentication codes for Microsoft. When the user enters their credentials into the phishing site, the service communicates with Microsoft to prompt for MFA authentication. The hacking service then passes the authentication back to Microsoft in real time and captures the authentication token to be used again later by the attacker. This new hacking service is set up so that even unskilled attackers can use the most advanced features like compromising MFA, and records the stolen credentials and authentication token in an easy-to-use format.
Phishing as a service platforms have become more sophisticated over the past year, and many of them include professional toolkits that track compromised credentials and offer customer support. The cost and technical ability required have also been reduced. Not long ago, attackers needed a moderate level of programming knowledge to use the PaaS tools, but this is no longer the case. The tools have been made very user-friendly, and at a cost between $40 – $1000, anyone can launch a phishing campaign. This ease of access presents logistical problems for competing businesses or former employees.
Quanexus IT Support Services for Dayton and Cincinnati
Request your free network assessment today. There is no hassle, or obligation.
If you would like more information, contact us here or call 937.885.7272.
Follow us on Facebook, Twitter and LinkedIn and stay up to date on by subscribing to our email list.
