"Welcome 'Frappo' – Resecurity Identified a New Phishing-as-a-Service"

A new underground service called Frappo has been identified by the Resecurity HUNTER unit. Frappo is a Phishing-as-a-Service (PaaS) that allows cybercriminals to host and generate high-quality phishing pages appearing to belong to major online banking, e-commerce, popular retailers, and online services. These pages aim to steal customer data. This platform was developed by cybercriminals for spam campaigns that distribute professional phishing content. Frappo has been discovered to be actively advertised on the Dark Web and on Telegram, where it has a group of nearly 1,965 active members. The cybercriminals have been observed discussing their success in attacking customers of various online services. The service emerged on the Dark Web around March 22, 2021 and has been upgraded since then. The service was last updated on May 1, 2022. It enables cybercriminals to anonymously work with stolen data in an encrypted format. In addition, it offers anonymous billing, technical support, updates, and the ability to track collected credentials using a dashboard. It was initially designed to be an anonymous cryptocurrency wallet based on a fork of Metamask. It is fully anonymous as it does not require a threat actor to register an account. According to researchers, the service provides phishing pages for more than 20 Financial Institutions (FIs), online retailers, and popular services, including Amazon, Uber, Netflix, Bank of Montreal (BMO), Royal Bank of Canada (RBC), CIBC, TD Bank, Desjardins, Wells Fargo, Citizens, Citi, and Bank of America. The developers of the Frappo service provide several payment plans depending on the chosen duration of the subscription. This article continues to discuss findings surrounding the Frappo PaaS.

Help Net Security reports "Welcome 'Frappo' – Resecurity Identified a New Phishing-as-a-Service"