Chinese Phishing Services Growing Threat to Global Users

Chinese-language phishing-as-a-service (PhaaS) platforms are rapidly expanding in underground criminal markets, rivaling Russian-dominated operations. Google's Threat Intelligence Group analyzed twelve mature PhaaS services operating within Chinese criminal networks, revealing sophisticated tactics beyond simple password theft. These services now employ real-time interception to steal one-time passcodes (OTPs), bypassing multi-factor authentication instantly. Attackers use live administration panels to interact with victims in real-time and tokenize stolen payment data to gain unauthorized access to digital wallets and financial accounts. They exploit encrypted messaging channels like RCS and iMessage to evade traditional security filters. Unlike Russian operations, these Chinese services primarily target non-Chinese organizations globally. Google has taken legal action against PhaaS providers and supports legislation to combat these evolving threats. Source: Google Threat Intelligence Group.