A recent report by Barracuda Networks highlights a marked increase in Phishing-as-a-Service (PhaaS) attacks within the first two months of 2025.
During this period, Barracuda’s detection systems successfully blocked over one million phishing attempts originating from prominent PhaaS platforms. These attacks are becoming progressively sophisticated, with platforms such as Tycoon 2FA, EvilProxy, and Sneaky 2FA identified as the most utilised tools for carrying out these operations.
The report indicates that a significant majority, 89%, of these incidents involved the use of Tycoon 2FA software. EvilProxy accounted for 8% of the attacks, noted for its low requirement for technical expertise to be implemented. The remainder, 3%, were linked to Sneaky 2FA, a…