Cost of Black Market Phishing Kits Soars 149% in 2019

Researchers have warned of a booming underground market for phishing kits: the tools novices can use to set up convincing websites designed to harvest victims' credentials.

Singapore-based Group-IB claimed that prices have surged 149% over the past year, while the number of ads for these kits on black market forums doubled and the number of sellers increased by over 120%.

The average price is said to have soared from $122 in 2018 to over $300 per product last year.

All of this indicates a growing demand for more complex, high quality kits — possibly because cybersecurity tools are getting better at stopping commodity attacks.

At one end of the scale, free products are often booby-trapped with backdoors enabling their creators to harvest any information collected by them, while at the other, high-end kits feature technical support and high quality phishing pages, according to Group-IB.

Group-IB said it managed to detect over 16,200 unique phishing kits in 2019. It does so by tracing the designated email address to which any harvested data is sent. The number of these unique emails rose 8% last year.

“Phishing kit creators are the driving force of this criminal marketplace — one individual might be behind the creation of hundreds of phishing pages and, even worse, behind the compromise of the personal information of thousands of people,” said Group-IB CTO Dmitry Volkov.

“Therefore, the fight against phishing kit creators should be at the core of the struggle to eradicate phishing.”

Group-IB boasted that it has already been able to deanonymize phishing kit creators and share its intel with law enforcers. However, this practice is getting harder as phishers look to hide their activities.

The vendor claimed only 113,460 out of 2.7 million phishing pages it detected last year contained a phishing kit.

The top brands targeted last year were Amazon, Google, Instagram, Office 365, and PayPal, while the top underground markets for trade in phishing kits were Exploit, OGUsers, and Crimenetwork.

What’s Hot on Infosecurity Magazine?