Home Explainers How Cybercriminals Use Phishing Kits

How Cybercriminals Use Phishing Kits

Phishing kits provide cybercriminals with readymade phishing pages, email IDs, and malware codes. Several adversaries also offer customized phishing kits on darknet forums.

Phishing Kits, Cost of Phishing Attacks

Cybercriminals are creating new phishing strategies and malware variants to make their attacks more intense and successful. They even rely on phishing kits, which are readily available on darknet forums, to exploit their targeted systems.

By Rudra Srinivas, Senior Feature Writer, CISO MAG

What is a Phishing Kit?

A phishing kit is a collection of various software tools, services, and other components such as archive files, HTML pages, images, and codes that enable threat actors to launch phishing or social engineering attacks. Phishing kits provide readymade phishing pages, email IDs, and malware codes to target victims. Even with little or no knowledge of phishing attacks, a person can create various kinds of phishing lures using a phishing kit.

A typical phishing kit includes:

  • Website development software
  • Email templates
  • Sample malicious scripts or codes
  • Automation software for malware distribution
  • Compromised email ids or phone numbers
  • Evasion mechanisms like HTML character encoding

Phishing kits facilitate adversaries to instantly create undetectable phishing pages, impersonate brands, and harvest users login credentials through it.

Also Read: How To Find a Phishing Email

Types of Phishing Kits  

The complexity and capability of a phishing kit depends on its price on the dark web. While a simple phishing kit contains only a few components, advanced kits include built-in botnets and other evasion techniques.

1. Basic Phishing Kit

A Basic phishing kit is a simple and small archive file containing a few HTML files and JavaScript codes.

2. Dynamic Phishing Kit

Dynamic phishing kits have specially created phishing lures such as fake banking login pages and compromised email addresses.

3. Puppeteer Phishing Kit

Puppeteer phishing kits are specifically designed to phish for online banking credentials. It allows phishers to prompt the victims for sensitive information from their online banking provider. Puppeteer phishing kits are often used to bypass OTPs and security phone calls.

4. Commercial Phishing Kit

With the increase in the usage of phishing kits, several adversaries are offering customized phishing kits online (like 16Shop and FreakzBrothers), where users can log in, purchase, configure, and download the phishing kits they like.

Also Read: Five Phishing Baits You Need to Know

Phishing Kits For Sale 

Threat actors sell phishing kits as phishing-as-a-service across various dark web forums, inviting other cybercriminal affiliates in their phishing campaigns. Research revealed that phishing kits have gained the “Bestseller” tag in the underground market, with the number of ads and their sellers having doubled in 2019 compared to 2018. The growing demand for phishing kits is also reflected in its price that skyrocketed last year by 149% and exceeded $300 per item.

How to Prevent Phishing Kit Scams 

Phishing lures (like emails and messages) are not perfect. A phishing email or message can be detected via paying attention to small details like:

  • Poor grammar or phrasing in messages and emails
  • False sense of urgency that trick users to take action
  • Hidden URLs/short-links like Bit.ly, which conceals links to phishing websites
  • Spelling errors in the email address


While phishers across the globe invest more in phishing kits to expand their phishing activities, users need to be vigilant to detect and prevent evolving phishing lures proactively.

About the Author

Rudra Srinivas

Rudra Srinivas is a Senior Feature Writer and part of the editorial team at CISO MAG. He writes news and feature stories on cybersecurity trends.       

More from the Rudra.