At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    Cyber Attack Tools Now Being Used To Help Phishing Pages Avoid Detection

    Cybercriminals are offering tools to help phishing pages avoid detection by security tools, according to researchers at SlashNext.

    “Anti-bot services, like Otus Anti-Bot, Remove Red, and Limitless Anti-Bot, have become a cornerstone of complex phishing operations,” the researchers write. “These services aim to prevent security crawlers from identifying phishing pages and blocklisting them. By filtering out cybersecurity bots and disguising phishing pages from scanners, these tools extend the lifespan of malicious sites, helping criminals evade detection longer.” 

    These tools are sophisticated and easy to use, allowing unskilled attackers to increase the effectiveness of their attacks for a relatively low price.

    “Otus Anti-Bot is one of the most popular solutions, claiming to deploy behavioral analysis, challenge-response mechanisms, bot signature detection, and integration with threat intelligence feeds,” the researchers write.

    “What sets Otus apart is its incredibly quick deployment—users can get it running on their phishing pages in under two minutes. Once deployed, Otus allows dynamic configuration changes, meaning the user only needs to paste the code once, and any updates to protection settings are applied in real time across multiple pages. The platform also offers easy IP and country-based whitelisting for customized testing and targeting.”

    These tools also allow attackers to target phishing campaigns by region, further minimizing their detection rates.

    “Some campaigns are region-specific, allowing anti-bot systems to block foreign traffic entirely,” SlashNext says. “For example, if a phishing campaign is targeting a Korean bank, the service might allow only Korean traffic to visit the site while blocking foreign IP addresses. This method can even be drilled down to the city level, ensuring the page remains under the radar of international cybersecurity services.”

    Attackers are always finding new ways to stay ahead of security technologies. New-school security awareness training can give your organization an essential layer of defense by enabling your employees to recognize attacks that slip past security measures.

    KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

    SlashNext has the story.

    Free BreachSim Tool

    How easy is it for bad actors to penetrate your system and exfiltrate your data? Pinpoint vulnerabilities, take action and build stronger cyber defenses with KnowBe4’s Breach Simulator “BreachSim.” Based on techniques outlined in the MITRE Att&CK framework, BreachSim launches 12+ simulated scenarios to uncover the stark reality of what happens when employees unknowingly fall for an attack.

    How BreachSim works:

    • 100% harmless simulation of real breach and data exfiltration attacks
    • Provides secure .txt, .doc, and .bmp test files for the simulation
    • Tests 12+ realistic data exfiltration scenarios following the MITRE Att&CK framework
    • Just download the installer, upload the secure test files, and run

    Results in a few minutes!

    Try Now!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/breached-password-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top