Scam-as-a-Service Classiscam Expands Impersonation in Attacks to Include Over 250 Brands

Scam as a Service ClassiscamNow entering its third year in business, the phishing platform, Classicam, represents the highest evolution of an “as a service” cybercrime, aiding more than 1000 attack groups worldwide.

What do cybercriminals need for a successful attack? A convincing email, a list of potential target email addresses, and a website to extract payment details, bank login credentials, etc. And it’s the last part that’s usually the barrier to market for those that want to get into cybercrime.

But scam-as-a-service platform Classiscam has evolved its operations over the years, according to a new report by cybersecurity vendor Group-IB. It has created a template-based service where attackers can create brand impersonated webpages and support localization to expand attacks globally.

According to Group-IB, 251 unique brands were impersonated in the last two years in a total of 79 countries. Over 38,000 separate cybercrime groups have used this service from 2020 through this year, raking in an estimated $64.5 million to Classiscam during that time.

Used to target EMEA, Latin America, and APAC regions, the potential for this platform to expand operations into North America is high.

The real danger for organizations is the templated phishing sites. By continually monitoring and improving these sites, attackers are more successful. In other words, it becomes more likely that targets will become victims.

All the more reason to prop up your user’s sense of vigilance through continual security awareness training to help make the phishing attacks that precede the Classiscam pages obvious to the user.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Topics: Phishing

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews