Analysis of 3,200 Phishing Kits Sheds Light on Attacker Tools and Techniques

Phishing kits are used extensively by cybercriminals to increase the efficiency of stealing user credentials. The basic kit comprises an accurate clone of the target medium’s login-in page (Gmail, Facebook, Office 365, targeted banks, etc), and a pre-written php script to steal the credentials — both bundled and distributed as a zip file. Successfully phished credentials are mailed by the script to the phisher, or gathered in a text file for later collection.