A new report from Fortra’s Suspicious Email Analysis (SEA) team highlights a surge in abuse of Cloudflare’s developer domains for phishing and DDoS campaigns. Bleeping Computer discusses the 257% rise in phishing incidents in 2024, where attackers exploited trusted domains to evade detection.
Originally published in Bleeping Computer.
Excerpt: “The researchers believe the use of these domains is aimed at improving the legitimacy and effectiveness of these malicious campaigns, taking advantage of Cloudflare's trusted branding, service reliability, low usage costs, and reverse proxying options that complicate detection.”