Threat Actors Abuse Popular SaaS Products in Phishing Campaigns Targeting BFSI Customers

Phishing has long proved to be one of the most efficient ways to gather personal information, such as login credentials, credit card numbers, confidential customer data, and intellectual property. The individuals involved in these activities have developed advanced innovative solutions to evade detections and trick innocent users. One such solution is the use of SaaS platforms.

 In 2022, researchers at CloudSEK uncovered various freemium SaaS platforms which had been abused by scammers to conduct phishing campaigns targeting popular brands such as Amazon and Netflix. Majority of these campaigns were aimed at the Indian BFSI customer.

‍