Cloudflare’s developer domains increasingly abused by threat actors

December 3, 2024 at 04:06PM

Cybercriminals are increasingly abusing Cloudflare’s ‘pages.dev’ and ‘workers.dev’ for phishing and malicious activities, with Fortra reporting a 198% rise in phishing incidents on Cloudflare Pages and a 104% increase on Cloudflare Workers. This exploitation leverages Cloudflare’s trusted reputation, complicating detection and allowing efficient phishing campaigns.

**Key Takeaways:**

1. **Increase in Abuse of Cloudflare Domains**:
– There has been a significant rise in cybercriminals using Cloudflare’s domains (‘pages.dev’ and ‘workers.dev’) for phishing and malicious activities, with increases reported between 100% and 250% compared to 2023.

2. **Cloudflare Pages Abuse**:
– Cybercriminals are increasingly using Cloudflare Pages to host intermediary phishing sites. A notable spike in phishing incidents was observed, climbing from 460 in 2023 to 1,370 by mid-October 2024, marking a 198% increase.
– This tactic exploits Cloudflare’s trusted reputation, making fraudulent content harder to detect.

3. **Phishing Campaigns**:
– Attackers embed links to these malicious pages in fraudulent emails and PDFs, which evade security filters due to Cloudflare’s trusted branding.
– The average monthly phishing incidents are projected to exceed 1,600 by year-end, indicating a 257% year-over-year increase.

4. **“Bccfoldering” Tactic**:
– A technique cybercriminals use to obscure the scale of their phishing campaigns: recipient lists are hidden in the email envelope, which complicates detection efforts.

5. **Cloudflare Workers Abuse**:
– Similar abuse is seen with Cloudflare Workers, where the number of phishing incidents has surged from 2,447 in 2023 to nearly 5,000 year-to-date, projecting a 145% increase by year-end.
– Legitimate functions, such as hosting human verification steps, are being exploited within phishing schemes to lend them added credibility.

6. **Recommendations for Users**:
– Users are advised to verify URLs before entering sensitive information and to utilize two-factor authentication to bolster account security against potential breaches.

These insights emphasize the evolving challenges posed by cybercriminals utilizing legitimate platforms to execute phishing attacks, underscoring the need for enhanced security awareness and measures.
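A mail-triage sketch for the two signals described above, links to `pages.dev` or `workers.dev` hosts and recipients that appear only in the SMTP envelope. This is an added example, not code from the article or from Fortra. The function names, the sample message and the assumption that your MTA supplies the logged `RCPT TO` value are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses
from urllib.parse import urlsplit

DEV_SUFFIXES = ("pages.dev", "workers.dev")  # domains named in the article
URL_RE = re.compile(r"https?://[^\s\"'<>)\]]+", re.I)

def dev_domain_links(text):
    """Return URLs whose host is one of DEV_SUFFIXES or a subdomain of one."""
    hits = []
    for url in URL_RE.findall(text):
        try:
            host = (urlsplit(url).hostname or "").rstrip(".").lower()
        except ValueError:  # malformed authority, e.g. a broken IPv6 literal
            continue
        # Suffix match on a label boundary, so pages.dev.example.net is ignored.
        if any(host == s or host.endswith("." + s) for s in DEV_SUFFIXES):
            hits.append(url)
    return hits

def envelope_only(msg, rcpt_to):
    """True when the SMTP envelope recipient is absent from To/Cc."""
    visible = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    return rcpt_to.lower() not in {addr.lower() for _, addr in visible}

def triage(raw, rcpt_to):
    """rcpt_to is the RCPT TO value the MTA logged (assumed available)."""
    msg = message_from_string(raw)
    texts = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            texts.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    return {"links": dev_domain_links("\n".join(texts)),
            "envelope_only": envelope_only(msg, rcpt_to)}

# Constructed sample message (not taken from the article or from Fortra).
SAMPLE = """\
From: billing@example.org
To: billing@example.org
Subject: Document shared with you
Content-Type: text/plain; charset=utf-8

Open: https://example-constructed.pages.dev/open?id=1
Check: https://verify.example-constructed.workers.dev/
Lookalike: https://pages.dev.example.net/x
"""

if __name__ == "__main__":
    print(triage(SAMPLE, "alice@example.com"))
```

A hit is a triage signal rather than a verdict, since both domains also host legitimate sites; the two flags are most useful combined with sender reputation and volume data.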
