Phishers Launch Dark Web Platform to Spoof Real Corporate Email Addresses from Major Companies
A sophisticated new platform for conducting large-scale phishing attacks has appeared on dark web marketplaces, allowing criminals to send emails that appear to come from the real corporate addresses of major organizations.
The service uses email spoofing techniques to substitute the actual sender data with legitimate domains belonging to well-known companies. As a result, recipients see a familiar corporate email address and company name, making the message look like an official communication.
According to data from BI.ZONE Threat Intelligence, reported by the newspaper Izvestia, the platform is already being actively promoted on underground forums as a turnkey solution for mass phishing campaigns.
In addition to address spoofing, the tool can automatically collect images and design elements from official websites, enabling attackers to replicate company logos, corporate styling, and typical email formats with high accuracy.
This combination of features makes the phishing emails particularly convincing. Messages can be crafted to impersonate invoices, security service notifications, contractual documents, requests from business partners, or urgent demands to verify account information.
Once the victim engages, the attack proceeds through classic methods: a link to a fake website, a malicious attachment, or direct requests for login credentials, passwords, and banking details.
Security experts emphasize that simply checking the “From” field is no longer sufficient protection. Users are advised to carefully examine all links, evaluate the context of any unexpected requests, and remain cautious about demands to download files, make payments, or urgently submit sensitive data.