Microsoft removes hundreds of malicious websites used in phishing attacks


  • The Microsoft Digital Crimes Unit has seized 240 fraudulent sites
  • The sites were used by ONNX to sell phishing templates
  • Phishing attacks target millions of users per month

Millions of phishing emails targeting victims every day use ‘do-it-yourself’ phishing kits developed by Egypt-based ONNX – but the Microsoft Digital Crime Unit has now seriously disrupted this operation by seizing 240 fraudulent websites used to sell Phishing-as-a-Service (PaaS) kits.

Phishing poses a real threat to both individuals and organizations, with successful phishing attacks causing devastating financial and data losses. Cybercriminals have taken this even further by developing ‘kits’ that they can sell to other criminals to help develop widespread phishing campaigns and bypass security measures by intercepting MFA requests.