Darcula Mobile Phishing Threat

We have reported previously that many data breaches are the result of phishing attacks. Phishing is big business for cyber criminals and can reap big rewards.

Phishing is often carried out via email but it can also be carried out via text message.

A new threat has recently emerged, targeting unsuspecting mobile users through the seemingly secure iMessage (iPhone) platforms or RCS (Android) protocol.

A new phishing-as-a-service (PhaaS) named ‘Darcula’ has been found by security researchers to have been used for numerous high-profile phishing attacks over the last year. The service uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.

Phishing-as-a-service uses the software-as-a-service business model and provides access to a phishing kit for a fee. This makes cybercrime accessible to the masses.

Darcula has been used against various services and organizations and the kit offers fraudsters over 200 templates to choose from.

Users should treat all incoming messages urging them to click on URLs with suspicion, especially if the sender is not recognized.

There are usually several red flags in the dodgy messages including inaccurate grammar, spelling errors or urgent calls to action.

The image shown is a text that one of our Directors recently received as an iMessage which likely used the Darcula phishing kit to deploy. Note the red flags including the sender’s details, the call to click on the link within 12 hours and the sign off at the end.

Learn more in our blog which focuses on email phishing and How to Prevent Phishing Attacks.