[HEADS UP] New Phishing Kit Spotted on Over 700 Domains



Deadly Phishing KitA cybercriminal gang has recently developed a new phishing kit named LogoKit on several domains. LogoKit changes logos and text in real-time in order to adapt to the targeted victims.

This vicious phishing kit has already been released in the dark web according to threat intelligence firm RiskIQ. The firm has tracked it's progression and in one week the kit was identified in 300 domains, and over 700 within the month. 

"Once a victim navigates to the URL, LogoKit fetches the company logo from a third-party service, such as Clearbit or Google's favicon database," said RiskIQ security researcher Adam Castleman in a report this week.

The firm also shared a screenshot of how this malicious kit works: 

Risk IQ Example Phishing Kit

Source: Risk IQ

This kit can be very tricky to identify from standard phishing templates because most need perfect pixels that mimic the company's authentication page. RiskIQ is still actively tracking the kit and fear that the kit's simplicity could significantly improve the chances of a successful phishing attack. 

Make sure your organization is frequently being tested with the latest attacks. New-school security awareness training can ensure your users know how to spot and report any suspicious activity in their day-to-day operations. 

ZDNet has the full story


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer

Topics: Phishing



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews