The article discusses a shift in phishing tactics by Chinese threat actors, who are moving from static phishing pages to real-time credential interception. Google researchers highlighted that these phishing-as-a-service (PhaaS) operations now target various global entities, primarily outside China, and use advanced methods such as encrypted messaging for lure delivery.
Significant techniques include live interception of one-time passcodes (OTPs) to bypass multi-factor authentication (MFA) and the use of AI for generating unique phishing pages that evade detection. Additionally, comprehensive criminal services are offered through these platforms, with some operators exhibiting poor operational security by flaunting their activities online.